JBoss.org Community Documentation
Both EJBs and servlets can declare one or more security-role-ref elements, as shown in Figure 8.1, “The security-role-ref element”. This element declares that a component is using the role-name value as an argument to the isCallerInRole(String) method. By using the isCallerInRole method, a component can verify whether the caller is in a role that has been declared with a security-role-ref/role-name element. The role-name element value must link to a security-role element through the role-link element. The typical use of isCallerInRole is to perform a security check that cannot be defined by using the role-based method-permissions elements.
Example 8.1, “An ejb-jar.xml descriptor fragment that illustrates the security-role-ref element usage.” shows the use of security-role-ref in an ejb-jar.xml.
<!-- A sample ejb-jar.xml fragment -->
<ejb-jar>
    <enterprise-beans>
        <session>
            <ejb-name>ASessionBean</ejb-name>
            ...
            <security-role-ref>
                <role-name>TheRoleICheck</role-name>
                <role-link>TheApplicationRole</role-link>
            </security-role-ref>
        </session>
    </enterprise-beans>
    ...
</ejb-jar>
Example 8.1. An ejb-jar.xml descriptor fragment that illustrates the security-role-ref element usage.
Example 8.2, “An example web.xml descriptor fragment that illustrates the security-role-ref element usage.” shows the use of security-role-ref in a web.xml.
<web-app>
    <servlet>
        <servlet-name>AServlet</servlet-name>
        ...
        <security-role-ref>
            <role-name>TheServletRole</role-name>
            <role-link>TheApplicationRole</role-link>
        </security-role-ref>
    </servlet>
    ...
</web-app>
Example 8.2. An example web.xml descriptor fragment that illustrates the security-role-ref element usage.
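The following added example (not part of the JBoss documentation) is a small Python check that every security-role-ref in an ejb-jar.xml or web.xml has a role-link naming a declared security-role, which is the linkage requirement described above. The function name check_role_refs, the AnotherBean/Auditor entries and the sample descriptor are constructed for illustration; it assumes the security-role elements are declared in the same descriptor (under assembly-descriptor in ejb-jar.xml).

```python
import xml.etree.ElementTree as ET

def _local(tag):
    # Drop any "{namespace}" prefix so DTD- and schema-based descriptors both work.
    return tag.rsplit("}", 1)[-1]

def _child_text(elem, name):
    # Text of the first direct child called `name`, or None if there is none.
    for child in elem:
        if _local(child.tag) == name:
            return (child.text or "").strip()
    return None

def check_role_refs(descriptor_xml):
    """Return (component, role-name, problem) for each security-role-ref that
    does not resolve to a declared security-role. Hypothetical helper."""
    root = ET.fromstring(descriptor_xml)
    declared = {_child_text(e, "role-name") for e in root.iter()
                if _local(e.tag) == "security-role"}
    problems = []
    for parent in root.iter():
        component = _child_text(parent, "ejb-name") or _child_text(parent, "servlet-name")
        for ref in parent:
            if _local(ref.tag) != "security-role-ref":
                continue
            name, link = _child_text(ref, "role-name"), _child_text(ref, "role-link")
            if not link:
                problems.append((component, name, "missing role-link"))
            elif link not in declared:
                problems.append((component, name, "role-link %r is not a declared security-role" % link))
    return problems

# Constructed sample: Example 8.1 plus a second bean whose role-link is misspelled.
SAMPLE = """<ejb-jar><enterprise-beans>
  <session><ejb-name>ASessionBean</ejb-name>
    <security-role-ref><role-name>TheRoleICheck</role-name>
      <role-link>TheApplicationRole</role-link></security-role-ref></session>
  <session><ejb-name>AnotherBean</ejb-name>
    <security-role-ref><role-name>Auditor</role-name>
      <role-link>TheAplicationRole</role-link></security-role-ref></session>
</enterprise-beans>
<assembly-descriptor>
  <security-role><role-name>TheApplicationRole</role-name></security-role>
</assembly-descriptor></ejb-jar>"""

if __name__ == "__main__":
    for finding in check_role_refs(SAMPLE):
        print(finding)
```

A reference reported here means the isCallerInRole argument for that component is not tied to any application role, so it is worth resolving before deployment.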