Operating Systems: i5/OS
             Personalize the table of contents and search results

This topic applies only on the i5/OS operating system.

 

Enable security on EJB method group authority

 

You might have to enable security on Enterprise JavaBeans (EJB) method group authority.

 

Overview

If EJB security is defined for EJB 1.0, an additional step after migration is required to bind security roles to EJB 1.1 method names. Some of the method names for enterprise beans have changed with EJB 1.1. This table provides some examples:

EJB 1.0 method name EJB 1.1 method name
ejbCreate create
ejbRemove remove
ejbGetEJBMetaData getEJBMetaData
ejbFindBy findBy

After you migrate your application, use the Application Server Toolkit (AST) to add the EJB 1.1 method name to the method permission created for the EJB 1.0 method. A method permission is a mapping between one or more security roles and one or more methods that a member of the role can call. To add the EJB 1.1 method name, first map a network drive from your workstation to the iSeries where the WebSphere Application Server installation resides. Use the ATK to perform these steps.

 

Procedure

  1. Start the Application Server Toolkit.

    1. On your workstation, select Start > Programs > IBM > ASTK > ASTK.

    2. In the Application Server Toolkit window, specify the workspace directory and click OK to launch the graphical user interface.

  2. In the J2EE perspective, click File > Import > EAR file then click Next.

    1. In the EAR file combination box, click Browse.

    2. Locate the /QIBM/Userdata/WebAsAdv4/myinstance/installedApps/ directory on your mapped iSeries drive. Select the EAR file that contains the EJB module that you want to update and click OK.

    3. In the Project name field, type a name for the enterprise application project that will be created when you import the EAR file.

    4. In the Project location field, enter the directory where the project source files will be stored.

      By default, the current workspace directory is used. Click Browse to choose another location.

    5. If you do not want to be warned about overwriting existing resources, select Overwrite existing resources without warning.

    6. Click Finish to accept all defaults for EAR import.

  3. Expand EJB Modules > module_name, where module_name is the name of the module that you want to update.

  4. Right-click the desired EJB module, and select Open With > Deployment Descriptor Editor from the context menu.

  5. On the EJB Deployment Descriptor page, click the Assembly Descriptor tab.

  6. On the Assembly Descriptor page, select the method permission that contains the EJB 1.0 method name under the Method Permissions heading.

  7. Click Edit. The Edit Method Permissionwizard appears.

  8. Select the security role for the method permission from the list of roles found.

  9. Click Next.

  10. Select one or more enterprise beans from the list of beans found.

  11. Click Next.

  12. Select the appropriate methods that contain the EJB 1.1 method name that you want to bind to your security role.

  13. Unselect the corresponding methods that contain the EJB 1.0 method name.

  14. Click Finish.

  15. Click File > Export to save the updated EAR file to a temporary file. Reinstall the application using the temporary file.