Could somebody have a quick look at what I am doing and tell me if I am
going even vaguely in the right direction.
My problem is that as soon as I put security-roles in my ejb-jar.xml I am
unable to call the ejbs as I get the exception:
com.evermind.server.rmi.OrionRemoteException: guest is not allowed to call
the Table.findByPrimaryKey(...) method, check your security settings.
How do I connect as a user other than guest? OR
How do I grant permissions to guest?
I have an ejb-jar.xml with some security info in it:
<assembly-descriptor>
<security-role>
<description>
Aministrators
</description>
<role-name>administrator</role-name>
</security-role>
<security-role>
<description>
All users
</description>
<role-name>everyone</role-name>
</security-role>
<security-role>
<description>
Guests
</description>
<role-name>guest</role-name>
</security-role>
... method permissions here (everyone has everything at the
moment)
I now need to map those to the roles in principals.xml, so in my
orion-application.xml I have:
<security-role-mapping name="everyone" impliesAll="true">
<group name="guests" />
<group name="users" />
<group name="administrators" />
</security-role-mapping>
<security-role-mapping name="administrator" impliesAll="false">
<group name="guests" />
<group name="users" />
<group name="administrators" />
</security-role-mapping>
<security-role-mapping name="guest" impliesAll="false">
<group name="guests" />
<group name="users" />
<group name="administrators" />
</security-role-mapping>
<principals path="d:\orion\config\principals.xml" />
where guests,users and administrators are groups in principles.xml.
Is this the correct thing to do.
Dave Smith
Senior Team Leader
Aristocrat Technologies Australia Pty Ltd
mailto:[EMAIL PROTECTED]
