9.2.2 Setting roles
Set up and associate roles with users. In addition, add reference security roles to the Enterprise Beans, servlets, and JSP.
- Organization of this subsection
(1) Registering roles
Execute the following command to register a role to the J2EE server.
- Execute form
cjaddsec [server name] [-nameserver provider URL] -type role -name role name
- Example
cjaddsec MyServer -type role -name manage
For details about the cjaddsec command, see cjaddsec (add user or role) in the uCosminexus Application Server Command Reference Guide.
(2) Registering roles to users
Execute the following command to add a user to a role.
- Execute form
cjmapsec [server name] [-nameserver provider URL] -role role name -user user name [-user user name]
- Example
cjmapsec MyServer -role manager -user aps_m
For details about the cjmapsec command, see cjmapsec (map user to role) in the uCosminexus Application Server Command Reference Guide.
(3) Adding security roles to Enterprise Beans
Define the Enterprise Bean security role settings.
(a) Attribute file to be edited
EJB-JAR attribute file
(b) Obtaining the attribute file to be edited and setting up attributes
-
Obtaining the attribute file
Execute the following command to obtain the EJB-JAR attribute file.
- Execute form
cjgetappprop [server name] [-nameserver provider URL] -name J2EE application name -type ejb -resname EJB-JAR display name -c EJB-JAR attribute file path
- Example
cjgetappprop MyServer -name adder -type ejb -resname adder -c C:\home\adder_ejb.xml
-
Setting up attributes
Execute the following command to reflect the EJB-JAR attribute file values.
- Execute form
cjsetappprop [server name] [-nameserver provider URL] -name J2EE application name -type ejb -resname EJB-JAR display name -c EJB-JAR attribute file path
- Example
cjsetappprop MyServer -name adder -type ejb -resname adder -c C:\home\adder_ejb.xml
(c) Attribute settings to be edited
The following table lists the Enterprise Bean security role (<security-role>) settings.
|
Item |
Required |
Tag name |
|---|---|---|
|
Description |
O |
<description> |
|
Role name |
R |
<role-name> |
|
Security role name |
O |
<linked-to> |
Legend:
R: Required, O: Optional
For details about the property settings, see subsection 3.3.1 Specifications of the HITACHI EJB-JAR Property file in the uCosminexus Application Server Application and Resource Definition Reference Guide.
(4) Adding security roles to servlets and JSP
Define the servlets and JSP security role settings.
(a) Attribute file to be edited
WAR attribute file
(b) Obtaining the attribute file to be edited and setting up attributes
-
Obtaining the attribute file
Execute the following command to obtain the WAR attribute file.
- Execute form
cjgetappprop [server name] [-nameserver provider URL] -name J2EE application name -type war -resname WAR display name -c WAR attribute file path
- Example
cjgetappprop MyServer -name adder -type war -resname adder -c C:\home\adder_war.xml
-
Setting up attributes
Execute the following command to reflect the WAR attribute file values.
- Execute form
cjsetappprop [server name] [-nameserver provider URL] -name J2EE application name -type war -resname WAR display name -c WAR attribute file path
- Example
cjsetappprop MyServer -name adder -type war -resname adder -c C:\home\adder_war.xml
(c) Attribute settings to be edited
The following table lists the Web application (servlets and JSP) security role reference (<security-role>) settings.
|
Item |
Required |
Tag name |
|---|---|---|
|
Description |
O |
<description> |
|
Role name |
R |
<role-name> |
|
Security role name |
O |
<linked-to> |
Legend:
R: Required, O: Optional
For details about the property settings, see subsection 3.7.1 Specifications of the HITACHI WAR Property file in the uCosminexus Application Server Application and Resource Definition Reference Guide.