
Linking Security Role References


is allowed only to access his/her own
information.
</description>
<role-name>employee</role-name>
</security-role>
<security-role>
<description>
This role includes the employees of the human
resources department. The role is allowed to
view and update all employee records.
</description>
<role-name>hr-department</role-name>
</security-role>
<security-role>
<description>
This role includes the employees of the payroll
department. The role is allowed to view and
update the payroll entry for any employee.
</description>
<role-name>payroll-department</role-name>
</security-role>
<security-role>
<description>
This role should be assigned to the personnel
authorized to perform administrative functions
for the employee self-service application.
This role does not have direct access to
sensitive employee and payroll information.
</description>
<role-name>admin</role-name>
</security-role>
...
</assembly-descriptor>
Linking Security Role References to Security Roles
The security role references used in the components of the application are linked to the security
roles defined for the application. In the absence of any explicit linking, a security role reference
will be linked to a security role having the same name.
You can explicitly link all the security role references declared in the @DeclareRoles annotation
or security-role-ref elements for a component to the security roles defined by the use of
annotations (as discussed in "Defining Security Roles" on page 804) and/or in the security-role
elements.
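The linking rule above can be checked mechanically before deployment. The following is an added example, not code from the tutorial: it resolves each security-role-ref in a deployment descriptor to a security role, using the explicit role-link child when present and the same-name default otherwise, and reports references that resolve to no defined role. The descriptor is constructed for illustration; the bean name PayrollBean and the reference names payroll, manager, hr and hr-dept are hypothetical.

```python
import xml.etree.ElementTree as ET

# Constructed descriptor; role names are the page's, the bean and refs are hypothetical.
SAMPLE = """<ejb-jar xmlns="http://java.sun.com/xml/ns/javaee">
  <enterprise-beans><session>
    <ejb-name>PayrollBean</ejb-name>
    <security-role-ref><role-name>payroll</role-name><role-link>payroll-department</role-link></security-role-ref>
    <security-role-ref><role-name>admin</role-name></security-role-ref>
    <security-role-ref><role-name>manager</role-name></security-role-ref>
    <security-role-ref><role-name>hr</role-name><role-link>hr-dept</role-link></security-role-ref>
  </session></enterprise-beans>
  <assembly-descriptor>
    <security-role><role-name>employee</role-name></security-role>
    <security-role><role-name>hr-department</role-name></security-role>
    <security-role><role-name>payroll-department</role-name></security-role>
    <security-role><role-name>admin</role-name></security-role>
  </assembly-descriptor>
</ejb-jar>"""

def local(tag):
    # Drop the "{namespace}" prefix ElementTree puts on qualified tag names.
    return tag.rsplit("}", 1)[-1]

def child_text(elem, name):
    # Text of the first direct child called `name`, or None if absent.
    for child in elem:
        if local(child.tag) == name:
            return (child.text or "").strip()
    return None

def resolve_role_refs(xml_text):
    """Return (linked, dangling) for every security-role-ref in the descriptor."""
    root = ET.fromstring(xml_text)
    roles = {child_text(e, "role-name")
             for e in root.iter() if local(e.tag) == "security-role"}
    linked, dangling = {}, []
    for bean in root.iter():
        if local(bean.tag) not in ("session", "entity"):
            continue
        ejb = child_text(bean, "ejb-name")
        for ref in bean:
            if local(ref.tag) != "security-role-ref":
                continue
            name = child_text(ref, "role-name")
            # An explicit role-link wins; otherwise the same-name default applies.
            target = child_text(ref, "role-link") or name
            if target in roles:
                linked[(ejb, name)] = target
            else:
                dangling.append((ejb, name, target))
    return linked, dangling
```

A non-empty dangling list means a component checks a role name that maps to no security role defined for the application, which is worth resolving before the application is assembled.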
Securing Enterprise Beans
Chapter 29 · Securing Java EE Applications