I've thought a little about this recently. The only idea I've come up with (but haven't implemented yet) is to create a Session Bean that checks the various permissions you need. For example, say that only Administrators are allowed to add a new user to the system. You could have a Session Bean called PermissionChecker that has a method "boolean canAddNewUser()". The method could use the isCallerInRole() method in EJBContext to see if the user has the Admin role.

There are a couple of obvious problems with this solution. First, permissions are no longer completely declarative. The other problem is that the role that is programmatically checked in canAddNewUser must be kept in sync with the role that is assigned to the actual method that creates the new user in that EJB's deployment descriptor. But until EJB architects come up with a mechanism to handle this issue (anyone know if it's being considered for the 2.0 spec?), this is the only thing I can think of.

Jeff Bailey ([EMAIL PROTECTED])
Sr. Software Engineer
NetGenics, Inc.

-----Original Message-----
From: David Gasul [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, October 26, 1999 10:15 AM
To: [EMAIL PROTECTED]
Subject: Q: EJB security roles & User Interface

Hi EJBers,

An n-tier application has a client, middleware and possibly multiple backends. (This is obvious)
Assume the client is a GUI client who uses menus. (A common practice)
Assume there are a number of roles, each one assigned certain privileges. (A common practice)

Now, if the client invokes a method on a bean whose method she's disallowed to invoke because of her role, the EJB container is supposed to catch this and provide to the client application the proper exception. (This is obvious)

But building a system according to such a concept results IN A VERY BADLY DESIGNED SYSTEM!!!!

The proper way of doing this is NOT TO ALLOW the client in the first place to invoke the methods she may not invoke by, for example, disabling those methods in the menus, and to use EJB container security enforcement as the second bastion.

So, it is somehow required to export to the client the methods a user in a role may invoke so that the client can adjust the menus accordingly. I didn't see any means to this effect. Did anybody else?

Regards,
--
David Gasul                      phone:  +972-3-5388634
Telegate Ltd.                    office: +972-3-5384600
7 Haplada St., 60218 Or-Yehuda   fax:    +972-3-5335877
Israel                           http://www.telegate.co.il
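As an added illustration of the PermissionChecker pattern Jeff describes above (this is not code from the thread), written with EJB 3 annotations instead of the EJB 1.x deployment descriptors the thread discusses; the Roles class, bean and method names are assumed, and a shared role constant is used to address the "kept in sync" problem:

```java
import java.util.LinkedHashMap;
import java.util.Map;
import javax.annotation.Resource;
import javax.annotation.security.DeclareRoles;
import javax.annotation.security.RolesAllowed;
import javax.ejb.SessionContext;
import javax.ejb.Stateless;

// Single source of truth for role names (assumed helper), so the programmatic
// check in PermissionChecker and the declarative @RolesAllowed on UserManager
// cannot drift apart.
final class Roles {
    static final String ADMIN = "Admin";
    private Roles() {}
}

// The bean that actually performs the privileged action. The container
// enforces this declaratively: it is the "second bastion" no matter what the
// GUI chose to show or hide.
@Stateless
public class UserManagerBean {
    @RolesAllowed(Roles.ADMIN)
    public void addNewUser(String login) {
        // persist the new user (omitted)
    }
}

// Capability-query bean: tells the client what the caller may do so that
// menu items can be disabled up front. No privileged work happens here, so
// it is left open to any authenticated caller.
@Stateless
@DeclareRoles(Roles.ADMIN)   // roles referenced by isCallerInRole must be declared
public class PermissionCheckerBean {
    @Resource
    private SessionContext ctx;

    public boolean canAddNewUser() {
        return ctx.isCallerInRole(Roles.ADMIN);
    }

    // One round trip for a GUI: every menu capability in a single map.
    public Map<String, Boolean> capabilities() {
        Map<String, Boolean> caps = new LinkedHashMap<>();
        caps.put("addNewUser", canAddNewUser());
        return caps;
    }
}
```

The GUI calls capabilities() once after login and sets each menu item's enabled state from the map; an attempt to bypass the disabled menu still fails at UserManagerBean with an access exception from the container.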