Adding a security identity (bean level)

Assigning a security identity to a bean is useful when another bean calls that bean. The security identity can be set to use the identity of the caller or the identity of a specific security role.

Bean-level security identity was introduced in the EJB 2.0 specification. It was not a part of the EJB 1.1 specification.

To add a bean-level security identity:

1. In the Project Explorer view of the J2EE perspective, right-click the Deployment Descriptor for your EJB project and select Open With > Deployment Descriptor Editor to open the deployment descriptor editor.

2. On the Access page of the editor, click Add in the Security Identity (Bean Level) section.

3. Select one of the following options:
   • Use identity of caller

   • Use identity of specific role (below)

4. If you selected Use identity of specific role (below), complete the following steps:
   1. In the Role name drop-down list, select the existing security role that you want to require for this bean-level security identity.

   2. In the Role description field, enter a description for the role.

5. Type a description for the security identity, and click Next.

6. Select one or more enterprise beans from the list of beans found.

7. Click Finish.

The security identity is added. To remove the security identity, select it and click the Remove button.

 

Related tasks

Defining security roles for EJB modules
Adding relationship roles to keys
Adding security role references