Setting permission on class level forces xdoclet toMy source code (only revelant parts of course)
generate following entry:
<method-permission >
<description><![CDATA[description not
supported yet by ejbdoclet]]></description>
<role-name>admin</role-name>
<role-name>data</role-name>
<method >
<description><![CDATA[description not
supported yet by ejbdoclet]]></description>
<ejb-name>Rider</ejb-name>
<method-name>*</method-name>
</method>
</method-permission>
And of course such permission matches every method in your EJB. Setting permission on method
creates yet another entry, but just for specified
method - and does not invalidate globbed permission.
regards,
/**
* ....
* @ejb.permission role-name="user"
*/
public class .........
/**
* ........
* @ejb.permission role-name="Hello"
*/
public PatientObjectValue getPatientObject()
.................
That produces:
<method-permission>
<role-name>user</role-name>
<method>
<ejb-name>PatientEntity</ejb-name>
<method-name>*</method-name>
</method>
</method-permission>
<method-permission>
<role-name>Hello</role-name>
<method>
<ejb-name>PatientEntity</ejb-name>
<method-name>getPatientObjectValue</method-name>
<method-params>
</method-params>
</method>
</method-permission>
A user with only the "user" role can still run the method getPatientObjectValue. I am using JBoss-3.0.3 ... Is JBoss the problem or am I doing something incorrect?
Thanks,
Jeremy Cowgar
[EMAIL PROTECTED]
-------------------------------------------------------
This sf.net email is sponsored by: See the NEW Palm Tungsten T handheld. Power & Color in a compact size!
http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0001en
_______________________________________________
Xdoclet-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/xdoclet-user
