Elephantwalker,
Thanks (see below)
>an ejb reference. This means that your container will not allow you to get
>the context for your entity ejb, so you won't be able to call any methods
>from the client.
But then I also can't call the entity get methods ??, or can I ?. Which is
what I want.
Eddie
>From: "The elephantwalker" <[EMAIL PROTECTED]>
>Reply-To: Orion-Interest <[EMAIL PROTECTED]>
>To: Orion-Interest <[EMAIL PROTECTED]>
>Subject: RE: Restricting access to only Session Manager ?
>Date: Sat, 15 Sep 2001 09:31:55 -0700
>
>Eddie,
>
>Use your slsb or sfsb (the session manager) as your facade to the ejb for
>all access. In your web.xml or client.xml, only refer to the slsb or sfsb
>as
>an ejb reference. This means that your container will not allow you to get
>the context for your entity ejb, so you won't be able to call any methods
>from the client.
>
>You can control security on your session manager by creating security
>constraints for each method, or for method name patterns. This way, you can
>allow the "client" role access to methods which get*, and "mutator" role
>access to methods change*.
>
>In orion, you map the roles to groups (role is a j2ee idea, whereas groups
>is an Orion deployment specification). The groups are defined in the
>principals.xml file of the META-INF directory for the ear file. The group
>to
>role mapping is defined in all of the orion-*.xml files such as
>orion-ejb-jar.xml, orion-web.xml, orion-application.xml. This allows the
>same group to be assigned to different roles in different applications...a
>good idea when you think that various jar/war/ear files may be from
>different vendors, and have different names for their j2ee roles.
>
>
>regards,
>
>the elephantwalker
>
>
>-----Original Message-----
>From: [EMAIL PROTECTED]
>[mailto:[EMAIL PROTECTED]]On Behalf Of Ed Bras
>Sent: Saturday, September 15, 2001 3:09 AM
>To: Orion-Interest
>Subject: Restricting access to only Session Manager ?
>
>
>Hellu,
>
>How can I configure Orion and my J2EE application such that client
>applications are only able to call the get methods of the entity beans ?
>I want that all modification are done throw the Session Manager. The
>Session manager functiones as an intermediate to the entity beans.
>I am using CMP on Orion 1.5.1 with Java 1.3.
>
>Eddie
>
>
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
