Security identities on the method-level are used when another
bean calls that method. The security identity specified for the method
is then used. The identity can be set to use the identity of the caller,
the identity of the EJB server, or the identity of a specific security
role.
About this task
Method-level security identities are valid for both EJB
1.x and EJB 2.x enterprise beans in either EJB 1.x or 2.x projects.
Procedure
- Switch to the Java™ EE
perspective.
- In the Project Explorer view, select the deployment descriptor
of the desired EJB module.
- Right click the Deployment Descriptor,
and select .
- On the Access page of the editor,
select the Security Identity (Method Level) section.
- Click Add. The Add Security Identity
wizard appears.
- Select a run as mode from the following choices:
- Use identity of caller - With this
option, the security service makes no changes to the principal's credential
settings.
- Use identity of EJB server - With this
option, the security service alters the principal's credential settings
to match the credential settings associated with the EJB server.
- Use identity assigned to specific role (below) -
With this option, a principal that has been assigned to the specified
security role is used for the execution of the bean's methods. This
association is part of the application binding in which the role is
associated with a user ID and password of a user who is granted that
role.
- If you select Use identity assigned to specific
role above, you must select a role name and role description.
- Type a description for the new identity in the Security
identity description field.
- Click Next.
- Select one or more enterprise beans from the list of beans
found, then click Next.
- Select one or more of the method elements for the security
identity.
- Click Finish.
Results
The security identity is added. To remove the security identity,
select it and click the
Remove button.