Setting Runtime Properties

the cart, and to list the contents of the cart. An @RolesAllowed annotation implicitly declares a
role that will be referenced in the application; therefore, no @DeclareRoles annotation is
required.
Setting Runtime Properties
The role of CartUser has been defined for this application, but there is no group of CartUser defined for the Application Server. To map the role that is defined for the application (CartUser) to a group that is defined on the Application Server (user), add a <security-role-mapping> element to the runtime deployment descriptor, sun-ejb-jar.xml, as shown below. In the original example, there was no need for this deployment descriptor, so it has been added for this example.

To enable username-password authentication for the application, add security elements to the runtime deployment descriptor, sun-ejb-jar.xml. The security element that needs to be added to the deployment descriptor is the <ior-security-config> element. The deployment descriptor is located in tut-install/javaeetutorial5/examples/ejb/cart-secure/cart-secure-ejb/src/conf/sun-ejb-jar.xml.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE sun-ejb-jar PUBLIC
    "-//Sun Microsystems, Inc.//DTD Application Server 9.0 EJB 3.0//EN"
    "http://www.sun.com/software/appserver/dtds/sun-ejb-jar_3_0-0.dtd">
<sun-ejb-jar>
    <security-role-mapping>
        <role-name>CartUser</role-name>
        <group-name>user</group-name>
    </security-role-mapping>
    <enterprise-beans>
        <unique-id>0</unique-id>
        <ejb>
            <ejb-name>CartBean</ejb-name>
            <jndi-name>jacc_mr_CartBean</jndi-name>
            <pass-by-reference>false</pass-by-reference>
            <ior-security-config>
                <transport-config>
                    <integrity>supported</integrity>
                    <confidentiality>supported</confidentiality>
                    <establish-trust-in-target>supported</establish-trust-in-target>
                    <establish-trust-in-client>supported</establish-trust-in-client>
                </transport-config>
                <as-context>
                    <auth-method>username_password</auth-method>
                    <realm>default</realm>
                    <required>true</required>
                </as-context>
Enterprise Bean Example Applications
Chapter 29 · Securing Java EE Applications
823
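
A pre-deployment check for the two settings this section adds to sun-ejb-jar.xml, written as an added example (it is not part of the tutorial or of the Application Server tooling). It confirms that every application role is mapped to a group or principal, that <as-context> requires username_password login, and it reports transport protections set to supported, a value that offers the protection without requiring it. The function name audit_descriptor and the sample descriptor are assumptions made for this example.

```python
import xml.etree.ElementTree as ET

# Constructed sample modelled on the listing above. The page's listing stops
# after <as-context>; closing the elements right there is an assumption.
SAMPLE = b"""<?xml version="1.0" encoding="UTF-8"?>
<sun-ejb-jar>
  <security-role-mapping>
    <role-name>CartUser</role-name><group-name>user</group-name>
  </security-role-mapping>
  <enterprise-beans><ejb>
    <ejb-name>CartBean</ejb-name>
    <ior-security-config>
      <transport-config>
        <integrity>supported</integrity>
        <confidentiality>supported</confidentiality>
      </transport-config>
      <as-context>
        <auth-method>username_password</auth-method>
        <realm>default</realm><required>true</required>
      </as-context>
    </ior-security-config>
  </ejb></enterprise-beans>
</sun-ejb-jar>"""

def _text(node, path):
    """Lower-cased, stripped text of a child element, or '' if absent."""
    return (node.findtext(path) or "").strip().lower()

def audit_descriptor(xml_bytes, app_roles):
    """Return (role -> mapped groups/principals, list of findings)."""
    root = ET.fromstring(xml_bytes)
    mapped = {}
    for m in root.findall("security-role-mapping"):
        role = (m.findtext("role-name") or "").strip()
        mapped.setdefault(role, []).extend(
            e.text.strip() for e in m
            if e.tag in ("group-name", "principal-name") and e.text)
    findings = [f"role {r!r} is not mapped to any group or principal"
                for r in app_roles if not mapped.get(r)]
    for ejb in root.iter("ejb"):
        name = (ejb.findtext("ejb-name") or "?").strip()
        ior = ejb.find("ior-security-config")
        if ior is None:
            findings.append(f"{name}: no <ior-security-config>")
            continue
        if _text(ior, "as-context/auth-method") != "username_password" \
                or _text(ior, "as-context/required") != "true":
            findings.append(f"{name}: username-password login is not required")
        for prop in ("integrity", "confidentiality"):
            value = _text(ior, f"transport-config/{prop}") or "none"
            if value != "required":
                findings.append(f"{name}: {prop} is '{value}', not 'required'")
    return mapped, findings
```

Pass the roles named in the beans' @RolesAllowed annotations as app_roles; for the sample, audit_descriptor(SAMPLE, ["CartUser"]) reports only the two transport settings.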