[jboss-user] [Security & JAAS/JBoss] - difference between security-role-ref and security-role?

j0llyr0g3r do-not-reply at jboss.com
Wed Jun 18 14:22:51 EDT 2008


Hey folks, 

since i started to read my Jboss books i am more confused than before.

What is the difference between security-role-ref and security-role?

The books i have do not explain that in an understandable way...

Do i have to use both in my ejb-jar.xml?

Currently i have a configuration like this:

<ejb-jar>
  | 	<enterprise-beans>
  | 		<session>
  | 			<ejb-name>SayHello</ejb-name>
  | 			<security-role-ref>
  | 				<role-name>SayHelloRole</role-name>
  | 				<role-link>SayHelloRole</role-link>
  | 			</security-role-ref>
  | 		</session>
  | 	</enterprise-beans> 
  |    <assembly-descriptor> 
  |       <security-role>
  |       	<description>foooo</description>
  |       	<role-name>SayHelloRole</role-name>
  |       </security-role>
  |       <method-permission>
  |       	<role-name>admin</role-name>
  |       	<method>
  |       		<ejb-name>SayHello</ejb-name>
  |       		<method-name>*</method-name>
  |       	</method>	
  |       </method-permission>
  |    </assembly-descriptor>
  | </ejb-jar>

Is this correct? Does it make sense you?

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4159070#4159070

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4159070



More information about the jboss-user mailing list