Hello,
There is an EntityBean with all its methods permitted to be run by the
role, say suppose "MASTER".
For that an entry is made in ejb-jar.xml as shown below.
<method-permission >
<role-name>MASTER</role-name>
<method >
<ejb-name>MyEJB</ejb-name>
<method-name>*</method-name>
</method>
</method-permission>
Now this Entity Bean is called from a method of Session Bean whose principal
is not defined...
even then the bean is able to successfully execute the method call
The Security Role has also been specified in the ejb-jar.xml as given below
<security-role>
<role-name>MASTER</role-name>
</security-role>
Please Comment.
Regards,
Vikram Naik
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
