WebSphere › User Identification, Authentication, and Network Security › EJBROLE Class

EJBROLE Class

Use the EJBROLE (or GEJBROLE) class in CA Top Secret to control a client’s access to enterprise beans.

To protect an application using EJB roles:

• Define a profile name using the EJBROLE (or GEJBROLE) class. For example:

  TSS ADD(deptartment) EJBROLE(role_name)
  

  Department

  Specifies a department already defined in the CA Top Secret database.

  role_name

  Matches the security role attribute specified in the jar file or for the application. Role names can be in mixed case but cannot contain blanks.

  Range: Uo to 245 charactrers

• Create membership in the role by permitting CA Top Secret userID’s or profiles permission to the defined EJBROLE resource. For example:

  TSS PERMIT(acid) EJBROLE(role_name)
  

• The application assembler must assign method permissions to the bean or method using the Application Assembly Tool. Define the roles relevant to the application. The role names must match the resource names defined to CA Top Secret. Once defined, the role can be assigned to access an application (as a method permission). After the application assembly is complete, re-install the application using the Administration application.