OK. I'm sending this out once more. Is it that nobody knows the answer, or
is it just too ignorant of a question for anybody to reply?

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, October 03, 2000 7:59 AM
To: Orion-Interest
Subject: Mapping Users/Groups to Roles


I know this question has been asked before but I couldn't find an answer in
the archive.

For starters in my orion/config I have the default principals.xml that has
the groups users, guests and administrators and the users user, anonymous,
guest, admin. The group assignment of the users is the default. In
particular, guest is a member of guests.

Now, in my ejb-jar.xml I have,

        <assembly-descriptor>
                <security-role>
                        <role-name>guest</role-name>
                </security-role>
                <method-permission>
                        <role-name>guest</role-name>
                        <method>
                                <ejb-name>accountMgr</ejb-name>
                                <method-name>*</method-name>
                        </method>
                </method-permission>
        </assembly-descriptor>

When I deploy and try to access this EJB, I get an exception stating that
guest does not have permission to call the ejb methods.

How does my role guest get mapped back to the user guest in the global
principals.xml file? There seems to be some crucial piece that I'm not
grasping.

On a similar note, what is the default role permission when no
method-permission is defined? I'm assuming it's wide open. Is there a way to
change the application default so that I have to explicitly loosen up the
restrictions and not the other way around?

Also, what is the default container transaction attribute when one isn't
specified for a particular method or ejb?

Thanks,

Bill


=====================
Bill Smith
Senior Software Engineer
iXL, Inc.
4470 Cox Road
Richmond, VA 23060

tel: 804.474.3007
fax: 804.217.8890 
[EMAIL PROTECTED] 

This message is intended only for the use of the Addressee and may contain
information that is PRIVILEGED and CONFIDENTIAL. If you are not the intended
recipient, dissemination of this communication is prohibited. If you have
received this communication in error, please erase all copies of the message
and its attachments and notify us immediately. 


