This tags maps a reference to a security role used in the bean code to an EJB-scoped security role defined in the EJB project.
Class tag on entity and session beans.
@ejbgen:security-role-ref
[id="TagID"]
[role-link="RoleLink"]
role-name="RoleName"
id
Optional. Specifies the ID of the tag. For more information, see EJBGen Tag Inheritance.
role-link
Optional. References a EJB-scoped security role. If you do not specify this attribute, deployment of the bean is not possible until the role name is manually mapped the link to a security role by the deployer (administrator).
role-name
Required. Specifies the name of the security role used in the code.
When you use this tag, make sure that the EJB scoped security role is defined using the @ejbgen:role-mapping Annotation.
The following example shows the use of a manager role in the EntityContext's isCallerInRole method in a session bean. The ejbgen:security-role-ref tag at the top of the class definition maps this reference to managerLevel3. The ejbgen:role-mapping tag defines the managerLevel3 security role.
* @ejbgen:role-mapping global-role="true" role-name="managerLevel3"
* @ejbgen:security-role-ref role-link="managerLevel3" role-name="manager"
* ...
*/
public class RoleCheckerBean extends GenericSessionBean implements SessionBean
{
SessionContext context;
public void ejbCreate() {
// Your code here
}
/**
* @ejbgen:local-method
*/
public String approveExpense(double amount)
{
if(context.isCallerInRole("manager") == false) {
// not allowed to approve this expense
...
}
...