Replacing security roles
You can use the Application Deployment Descriptor editor to replace redundant or unnecessary security roles with preferred roles.
In some application development situations, you might encounter redundant roles that are serving the same purpose throughout the enterprise application or in the modules. In this case, you can use a wizard to replace the redundant roles throughout the enterprise application and modules with the security roles that you want to keep.
For example, you have a security role Boss that is defined in the enterprise application. The Boss security role is serving the same purpose as another security role called Manager that is gathered from the EJB module. To remove the redundancy, you can replace all usages of the role Manager with the role Boss. After the Manager role is replaced by Boss, the Manager role is removed from the application and is deleted. The Manager role is also removed from the EJB module where it was gathered from and replaced with the Boss role in the module.
To replace security roles:
- In the Project Explorer view of the J2EE perspective, right-click the Deployment Descriptor for your enterprise application project and select Open With > Deployment Descriptor Editor to open the Application Deployment Descriptor editor.
- On the Security page of the editor, click Replace. The Replace Security Roles wizard opens.
- Select the security roles that you want to keep, then click Next.
- For the security roles that you did not select to keep, define the replacement scheme by completing the following steps:
- In the Security roles to be replaced table, select a security role.
- In the Replacement scheme table on the left, select the replacement security role that you want to use to replace the security role or roles that you selected in the right table.
- Click the left arrow (<) button to move the security roles to be replaced into the Replacement scheme table.
Note: In the Replacement scheme table, security roles that appear as children in the node tree will be replaced by the security role that appears as their parent.
- When you finish defining the replacement scheme for all of the security roles, click Finish.
The wizard replaces the security roles throughout the enterprise application and modules based on the replacement scheme that you defined.
Parent topic
Defining security roles for enterprise applications
Related concepts
Application Deployment Descriptor editor
Related tasks
Defining security roles for enterprise applications
Gathering security roles