JAVA 認證心得 -- SCBCD (14)

Security Management

##CONTINUE##

• All the role names used by a bean must be specified in ＜security-role-ref＞ tags.

＜! ELEMENT resource-ref (description?, role-name,

＜-- the role name such as 'admin' used in the bean code. For example, ejbContext.isCallerInRole("admin");

＜role-link＞ ＜-- this is used by the deployer or the assembler to map the role name used by the bean to an actual role that exists in the system. )＞

The following is a sample usage:

＜enterprise-beans＞
＜session＞
＜ejb-name＞BonusCalc＜/ejb-name＞
＜security-role-ref＞ BP
＜description＞system admins have higher bonus rates. ＜/description＞
＜role-name＞admin＜/role-name＞ ＜-- This is given by the bean provider.
＜!-- deployer adds the following line because she knows that the role name

of system administrators is configured in her system as 'sysadmin'; --＞
＜role-link＞sysadmin＜/role-link＞ AA
＜/security-role-ref＞
＜/session＞
＜/enterprise-beans＞

• If the client is in a different security domain than the target enterprise bean, the System Admin is responsible for mapping the principals used by the client to the principals defined for the EJB. The result of this mapping is available to the Deployer
• The ＜exclude-list＞ element is used to indicate the set of methods that should not be called. Within ＜assembly-descriptor＞ , should be specified by the Application Assembler.

  ＜exclude-list＞

  ＜description＞＜/description＞

  ＜method＞

  ＜ejb-name＞＜/ejb-name＞

  ＜method-name＞＜/method-name＞

  ＜/method＞

  ＜/exclude-list＞

• The AA links each security role reference to a security role using the ＜role-link＞ element.
• The security roles defined in the deployment descriptor apply to all the enterprise beans declared in the same ejb-jar file.
• Security roles make the task of Deployer easy to secure the enterprise bean application
• The run-as identity doesn't change the security identity of its caller. The security identity of the caller remains the same and is checked to know its access to invoke methods of the enterprise bean.
• The Bean Provider declares security role references in the deployment descriptor. Security role references declared in the deployment descriptor are scoped to the enterprise bean which contains the ＜security-role-ref＞ deployment descriptor element
• It is the responsibility of the Application Assembler to define ＜method-permission＞ deployment descriptor element.
• ＜method-permission＞ deployment descriptor element identifies methods of home and component interface of enterprise beans that can be invoked by a security role
• specifies a relation between two ejbs ＜ ejb-relation ＞
• specifies the relationships that exist in an application ＜ relationships ＞
• 1. security-role-ref: This is the name used by the bean code to refer to a security role. Since it is used inside the bean code, the provider specifies it in the deployment descriptor.
  2. security-role: These are the logical roles that are available to the application. Since these are application specific, these are specified by the application assembler in the deployment descriptor. Also, since these are provided by the application assembler, the application assembler also has the responsibility of mapping security-role-ref to the security-role. Further, since the application assembler knows the business logic, she also specifies which bean methods can be called by which role using the ＜method-permission＞ tags.
  3. The deployer makes sure that the roles required by the application assembler are avaible in the target system. The Deployer's job is to map the security view that was specified by the Application Assembler to the mechanisms and policies used by the security domain in the target operational environment. The output of the Deployer's work includes an application security policy descriptor that is specific to the operational environment. The format of this descriptor and the information stored in the descriptor are specific to the EJB Container.
  The Deployer is also responsible for assigning the security domain and principal realm to an enterprise bean application.
• Java.security.Principal is the type of the object by the method of the javax.ejb.EntityContext interface that retrieves the principal of the client that called the bean.
• ＜role-link＞ link ＜security-role-ref＞ to ＜security-role＞