Entering content frame

Procedure documentation Specifying Security Identity Locate the document in its SAP Library structure

Use

Use this procedure to specify whether the caller identity will be used when invoking the bean’s methods, or whether the caller will use a specific run-as identity.

Procedure

...

       1.      Open the ejb-jar.xml.

       2.      From the right-hand pane, choose the Enterprise Beans tab.

       3.      Open the corresponding tree structure depending on the type of your enterprise bean.

       4.      From your bean tree sub-structure, select security-identity.

       5.      Choose add.

       6.      In the Description field, enter an optional description of the security identity.

       7.      Choose the security identity.

                            a.      To use the caller identity, choose the Use caller identity option.

The following shows a sample result source code:

<security-identity>

   <description>The caller’s identity will be used when accessing the bean’s methods.</description>

   <use-caller-identity/>

</security-identity>

 

Note

You cannot specify the Use caller identity option for message-driven beans. You must specify the run-as identity instead.

                            b.      To specify the run-as identity:

                                                  i.       Choose the run-as option.

                                                ii.       Choose Add to choose one of the security roles defined in ejb-jar.xml and to assign it to the run-as identity.

To change an already assigned security role, choose Remove and then choose Add to assign another security role.

                                               iii.       Enter an optional description of the run-as identity.

The following shows a sample result source code:

<security-identity>

   <description> The bean will use run-as identity to make calls. </description>

   <run-as>

      <role-name> carCustomer </role-name>

   </run-as>

</security-identity>

 

You must also specify the name of the security principal that will be used in the run-as identity. This principal is specified in ejb-j2ee-engine.xml. If this element is omitted, the EJB Container will choose a random user, mapped to the security role specified for the run-as identity in ejb-jar.xml.

                                               iv.       Open the ejb-j2ee-engine.xml ® Enterprise Beans tab.

                                                 v.       From the tree structure in the Enterprise Beans tab, select your bean.

                                               vi.       Enter the name of the security principal in the Run as identity field in the right-hand pane.

The following shows a sample result source code:

<run-as-identity-map>

   <user-name> customer </user-name>

</run-as-identity-map>

 

 

Leaving content frame