9.5.1 Enterprise Bean security identities

Define the Enterprise Bean security identities.

The two types of security identities, "UseCallerIdentity" and "RunAs", can be set.

UseCallerIdentity

The caller's security identity is used when a method is executed.

Specify a security identity to be associated with an execution thread when an Enterprise Bean home or component interface method is executed.
RunAs

Operations were performed in accordance with the role identity specified by role name.

Organization of this subsection

(1) Attribute files to be edited
(2) Obtaining the attribute file to be edited and setting up attributes
(3) Attribute settings to be edited

(1) Attribute files to be edited

Edit the following attributes files for each type of Enterprise Beans.

Session Bean attribute file
Entity Bean attribute file
Message-driven Bean attribute file

To Page Top

(2) Obtaining the attribute file to be edited and setting up attributes

Obtaining the attribute file

Execute the following command to obtain the Enterprise Bean attribute file.

Execute form

cjgetappprop [server name] [-nameserver provider URL] -name J2EE application name -type ejb -resname EJB-JAR display name/enterprise bean display name -c enterprise bean attribute file path

Example

cjgetappprop MyServer -name adder -type ejb -resname addr/adder_eb -c C:\home\adder_ejb.xml

Setting up attributes

Execute the following command to reflect the Enterprise Bean attribute file values.

Execute form

cjsetappprop [server name] [-nameserver provider URL] -name J2EE application name -type ejb -resname EJB-JAR display name/enterprise bean display name -c enterprise bean attribute file path

Example

cjsetappprop MyServer -name adder -type ejb -resname adder/adder_eb -c C:\home\adder_ejb.xml

To Page Top

(3) Attribute settings to be edited

The following table lists the Enterprise Bean security definition (security identity) settings (<security-identity>).

Item	Required	Tag name
Description	O	`<description>`
With security identity setting	O^#	`<use-caller-identity>`
Description on role identity	O	`<run-as> - <description>`
Security role name	O^#	`<run-as> - <role-name>`
Name specified in security role	O	`<run-as> - <user-name>`

Legend: O: Optional

#: Set either of the following items depending on whether the caller's security identity is used when a method is executed.

The caller's security identity is used when a method is executed:

Specify whether the security identity is set (<use-caller-identity>).
The caller's security identity is not used when a method is executed:

Set role identity information (<run-as>).
Only set role identity (<run-as>) information for message-driven beans.

For details about property settings, see:

Subsection 3.4.1 Specifications of the HITACHI Session Bean Property file in the uCosminexus Application Server Application and Resource Definition Reference Guide
Subsection 3.5.1 Specifications of the HITACHI Entity Bean Property file in the uCosminexus Application Server Application and Resource Definition Reference Guide
Subsection 3.6.1 Specifications of the HITACHI MessageDrivenBean Property file in the uCosminexus Application Server Application and Resource Definition Reference Guide

To Page Top