|
|
|
|
|
|
Application Services and Security
As described in Deployment Descriptors and Security Roles, each Enterprise JavaBean (EJB) Java ARchive (JAR) file has two associated deployment descriptors: ejb-jar.xml and weblogic-ejb-jar.xml. These XML files contain elements that register an application's individual JavaBeans with appropriate security constraints.
Since you will use the Campaign Manager for WebLogic, WebLogic Commerce Server, and WebLogic Personalization Server application services as a starting point for developing your own applications, this topic describes the contents of these deployment descriptors for each JAR in the included wlcsApp enterprise application. Therefore, this topic includes the following sections:
Notes: The JAR files containing the ejb-jar.xml and weblogic-ejb-jar.xml deployment descriptors that are described in this chapter can be found in the $WL_COMMERCE_HOME/WebLogicCommerce3.5/config/wlcsDomain/
wlcsApp subdirectory, where $WL_COMMERCE_HOME is the directory where you installed the product.
Only the security-related elements of the ejb-jar.xml and weblogic-ejb-jar.xml deployment descriptors are discussed in this chapter. For more detailed information about the other elements these deployment descriptors contain, see the Deployment Guide.
action.jar
The action.jar file contains an EJB that provides the executable actions for the campaign server (that is, the mail action, the ads action, and the offer discount action).
Enterprise Bean Definitions
Table 3-1 lists the enterprise JavaBean that is defined within the action.jar file's ejb-jar.xml deployment descriptor.
|
Name |
Type |
|---|---|
|
ActionService |
Stateless session |
Assembly Descriptor
Within the action.jar file, the ejb-jar.xml deployment descriptor registers the ActionService stateless session JavaBean with the application assembly descriptor shown in Listing 3-1.
Listing 3-1 Assembly Descriptor Element for the ActionService JavaBean
<assembly descriptor>
<security-role>
<description>Anonymous Users</description>
<role-name>AnonymousRole</role-name>
</security-role>
<method-permission>
<role-name>AnonymousRole</role-name>
<method>
<ejb-name>ActionService</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
</method-permission>
...
</assembly-descriptor>
In this case, the assembly descriptor specifies that users within the security role AnonymousRole will be granted access to all of the methods in the ActionService JavaBean's Home interface.
Security-Role Assignments
Within the action.jar file, the weblogic-ejb-jar.xml deployment descriptor defines the security role assignments for the ActionService stateless session JavaBean, as shown in Listing 3-2. In this case, the security role AnonymousRole is assigned to the everyone principal.
Note: For more information about security roles and principals, see What Is a Security Role?.
Listing 3-2 Security Role Assignments for the ActionService JavaBean
<security-role-assignment>
<role-name>AnonymousRole</role-name>
<principal-name>everyone</principal-name>
</security-role-assignment>
axiom.jar
The axiom.jar file is a collection of EJBs that provide user and group management and Unified User Profile (UUP) services. For more information, see "Unified User Profiles" in the Creating and Managing Users chapter of the Building Personalized Applications documentation.
Enterprise Bean Definitions
Table 3-2 lists the enterprise JavaBeans that are defined within the axiom.jar file's ejb-jar.xml deployment descriptor.
Security-Role References
In addition, the ejb-jar.xml deployment descriptor contains security-role reference elements for the com.beasys.commerce.axiom.contact.UserManager stateless session JavaBean and the com.beasys.commerce.axiom.contact.User entity bean. These elements, shown in Listing 3-3, enable the EJB to do programmatic security checking, if such behavior is desired.
Listing 3-3 Security-Role References in the User and UserManager JavaBeans
<security-role-ref>
<description>This ref declares the Administrative role for this
bean</description>
<role-name>AdministrativeRole</role-name>
<role-link>AdministrativeRole</role-link>
</security-role-ref>
Note: For information on the differences between declarative and programmatic security, see the "Security" chapter in the Java 2 Platform Enterprise Edition Specification, v1.3
.Assembly Descriptor
Within the axiom.jar file, the ejb-jar.xml deployment descriptor registers the Axiom stateless session and entity JavaBeans with the application assembly descriptor shown in Listing 3-4.
Listing 3-4 Assembly Descriptor Element for the Axiom JavaBeans
<assembly descriptor>
<security-role>
<description>Administrators</description>
<role-name>AdministrativeRole</role-name>
</security-role>
<security-role>
<description>Anonymous Users</description>
<role-name>AnonymousRole</role-name>
</security-role>
<method-permission>
<role-name>AnonymousRole</role-name>
<method>
<ejb-name>com.beasys.commerce.axiom.contact.
UserManager</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.axiom.contact.
UserManager</ejb-name>
<method-intf>Remote</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.axiom.contact.
RealmConfiguration</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.axiom.contact.
RealmConfiguration</ejb-name>
<method-intf>Remote</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.axiom.contact.
UnifiedProfileTypeManager</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.axiom.contact.
UnifiedProfileTypeManager</ejb-name>
<method-intf>Remote</method-intf>
<method-name>*</method-name>
</method>
</method-permission>
...
</assembly-descriptor>
In this case, the assembly descriptor first specifies two security roles, AdministrativeRole and AnonymousRole. The assembly descriptor then specifies the individual method permissions for the three stateless session JavaBeans in the axiom.jar file (UserManager, RealmConfiguration, and UnifiedProfileTypeManager) according to the AnonymousRole. Thus, users within the security role AnonymousRole will be granted access to all of the methods in the UserManager, RealmConfiguration, and UnifiedProfileTypeManager JavaBeans' Home interfaces, as well as all of the methods of their Remote interfaces. The AdministrativeRole is not used.
Security-Role Assignments
Within the axiom.jar file, the weblogic-ejb-jar.xml deployment descriptor defines the security role assignments for the Axiom JavaBeans, as shown in Listing 3-5. In this case, the security role AdministrativeRole is assigned to the admin principal, and the AnonymousRole is assigned to the everyone principal.
Note: For more information about security roles and principals, see What Is a Security Role?.
Listing 3-5 Security Role Assignments for the Axiom JavaBeans
<security-role-assignment>
<role-name>AdministrativeRole</role-name>
<principal-name>admin</principal-name>
</security-role-assignment>
<security-role-assignment>
<role-name>AnonymousRole</role-name>
<principal-name>everyone</principal-name>
</security-role-assignment>
bridge.jar
The bridge.jar file contains an EJB that provides the LDAP configuration information for the Unified User Profile (UUP) service. For more information about UUP, see "Unified User Profiles" in the Creating and Managing Users chapter of the Building Personalized Applications documentation. For more information about UUP and LDAP, see "Using the LDAP Realm" in the same chapter.
Enterprise Bean Definitions
Table 3-3 lists the enterprise JavaBean that is defined within the bridge.jar file's ejb-jar.xml deployment descriptor.
|
Name |
Type |
|---|---|
|
com.beasys.commerce.bridge.ldap.LDAPConfiguration |
Stateless session |
Assembly Descriptor
Within the bridge.jar file, the ejb-jar.xml deployment descriptor registers the LDAPConfiguration stateless session JavaBean with the application assembly descriptor shown in Listing 3-6.
Listing 3-6 Assembly Descriptor Element for the LDAPConfiguration JavaBean
<assembly descriptor>
<security-role>
<description>Anonymous Users</description>
<role-name>AnonymousRole</role-name>
</security-role>
<method-permission>
<role-name>AnonymousRole</role-name>
<method>
<ejb-name>com.beasys.commerce.bridge.ldap.
LDAPConfiguration</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
</method-permission>
...
</assembly descriptor>
In this case, the assembly descriptor specifies that users within the security role AnonymousRole will be granted access to all of the methods in the LDAPConfiguration JavaBean's Home interface.
Security-Role Assignments
Within the bridge.jar file, the weblogic-ejb-jar.xml deployment descriptor defines the security role assignments for the LDAPConfiguration stateless session JavaBean, as shown in Listing 3-7. In this case, the security role AnonymousRole is assigned to the everyone principal.
Note: For more information about security roles and principals, see What Is a Security Role?.
Listing 3-7 Security Role Assignments for the LDAPConfiguration JavaBean
<security-role-assignment>
<role-name>AnonymousRole</role-name>
<principal-name>everyone</principal-name>
</security-role-assignment>
campaign.jar
The campaign.jar file is a collection of EJBs that provide the campaign and scenario services and repositories.
Enterprise Bean Definitions
Table 3-4 lists the enterprise JavaBeans that are defined within the campaign.jar file's ejb-jar.xml deployment descriptor.
Assembly Descriptor
Within the campaign.jar file, the ejb-jar.xml deployment descriptor registers the Campaign stateless session JavaBeans with the application assembly descriptor shown in Listing 3-8.
Listing 3-8 Assembly Descriptor Element for the Campaign JavaBeans
<assembly-descriptor>
<security-role>
<description>Anonymous Users</description>
<role-name>AnonymousRole</role-name>
</security-role>
<security-role>
<description>Administrative Users</description>
<role-name>AdminRole</role-name>
</security-role>
<!-- Permissions for the AnonymousRole -->
<method-permission>
<role-name>AnonymousRole</role-name>
<method>
<ejb-name>com.bea.commerce.campaign.
ScenarioService</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.bea.commerce.campaign.
ScenarioService</ejb-name>
<method-intf>Remote</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.bea.commerce.campaign.
CampaignService</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.bea.commerce.campaign.
CampaignService</ejb-name>
<method-intf>Remote</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.bea.commerce.campaign.
CampaignRepository</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.bea.commerce.campaign.
CampaignRepository</ejb-name>
<method-intf>Remote</method-intf>
<method-name>getCampaignService</method-name>
</method>
</method-permission>
<!-- Permissions for the AdminRole -->
<method-permission>
<role-name>AdminRole</role-name>
<method>
<ejb-name>com.bea.commerce.campaign.
ScenarioService</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.bea.commerce.campaign.
ScenarioService</ejb-name>
<method-intf>Remote</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.bea.commerce.campaign.
ScenarioRepository</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.bea.commerce.campaign.
ScenarioRepository</ejb-name>
<method-intf>Remote</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.bea.commerce.campaign.
CampaignService</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.bea.commerce.campaign.
CampaignService</ejb-name>
<method-intf>Remote</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.bea.commerce.campaign.
CampaignRepository</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.bea.commerce.campaign.
CampaignRepository</ejb-name>
<method-intf>Remote</method-intf>
<method-name>*</method-name>
</method>
</method-permission>
...
</assembly-descriptor>
In this case, the assembly descriptor specifies that users within the security role AnonymousRole will be granted access to all the methods in the Home and Remote interfaces for the ScenarioService and CampaignService JavaBeans, plus all methods on the Home interface of the CampaignRepository JavaBean. In addition, users in the AnonymousRole will be granted access to the getCampaignService method on the Remote interface of the CampaignRepository JavaBean. Users within the security role AdminRole will be granted access to all methods in the Home and Remote interfaces for all the JavaBeans.
Security-Role Assignments
Within the campaign.jar file, the weblogic-ejb-jar.xml deployment descriptor defines the security role assignments for the Campaign stateless session JavaBeans, as shown in Listing 3-9. In this case, the security role AnonymousRole is assigned to the everyone principal, and the AdminRole is assigned to both the admin and system principals.
Note: For more information about security roles and principals, see What Is a Security Role?.
Listing 3-9 Security Role Assignments for the Campaign JavaBeans
<security-role-assignment>
<role-name>AnonymousRole</role-name>
<principal-name>everyone</principal-name>
</security-role-assignment>
<security-role-assignment>
<role-name>AdminRole</role-name>
<principal-name>admin</principal-name>
<principal-name>system</principal-name>
</security-role-assignment>
discount.jar
The discount.jar file is a collection of EJBs that provide the discount definition and association services. More information about the Discount Management and Association services can be found in the "Discounts" chapter of the Managing Purchases and Processing Orders documentation.
Enterprise Bean Definitions
Table 3-5 lists the enterprise JavaBeans that are defined within the discount.jar file's ejb-jar.xml deployment descriptor.
Assembly Descriptor
Within the discount.jar file, the ejb-jar.xml deployment descriptor registers the Discount stateless session and entity JavaBeans with the application assembly descriptor shown in Listing 3-10.
Listing 3-10 Assembly Descriptor Element for the Discount JavaBeans
<assembly-descriptor>
<security-role>
<description>Anonymous Users</description>
<role-name>AnonymousRole</role-name>
</security-role>
<method-permission>
<role-name>AnonymousRole</role-name>
<method>
<ejb-name>DiscountManagement</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>DiscountManagement</ejb-name>
<method-name>*</method-name>
</method>
<method>
<ejb-name>DiscountAssociationMgr</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>DiscountAssociationMgr</ejb-name>
<method-name>*</method-name>
</method>
</method-permission>
...
</assembly-descriptor>
Note: The <method> tag without a <method-intf> specifies the <method-name> on both the Home and Remote interfaces.
In this case, the assembly descriptor specifies that users within the security role AnonymousRole will be granted access to all the methods in the Home and Remote interfaces for the DiscountManagement and DiscountAssociationMgr JavaBeans.
Security-Role Assignments
Within the discount.jar file, the weblogic-ejb-jar.xml deployment descriptor defines the security role assignments for the Discount stateless session and entity JavaBeans, as shown in Listing 3-11. In this case, the security role AnonymousRole is assigned to the everyone principal.
Note: For more information about security roles and principals, see What Is a Security Role?.
Listing 3-11 Security Role Assignments for the Discount JavaBeans
<security-role-assignment>
<role-name>AnonymousRole</role-name>
<principal-name>everyone</principal-name>
</security-role-assignment>
document.jar
The document.jar file is a collection of EJBs that provide the document management services (searching, retrieval, and schemas).
Enterprise Bean Definitions
Table 3-6 lists the enterprise JavaBeans that are defined within the document.jar file's ejb-jar.xml deployment descriptor.
Assembly Descriptor
Within the document.jar file, the ejb-jar.xml deployment descriptor registers the Document stateless session and entity JavaBeans with the application assembly descriptor shown in Listing 3-12.
Listing 3-12 Assembly Descriptor Element for the Document JavaBeans
<assembly-descriptor>
<security-role>
<description>Anonymous Users</description>
<role-name>AnonymousRole</role-name>
</security-role>
<method-permission>
<role-name>AnonymousRole</role-name>
<method>
<ejb-name>com.beasys.commerce.axiom.document.Document
</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.axiom.document.Document
</ejb-name>
<method-intf>Remote</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.axiom.document.
DocumentSchema</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.axiom.document.
DocumentSchema</ejb-name>
<method-intf>Remote</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.axiom.document.
DocumentManager</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.axiom.document.
DocumentManager</ejb-name>
<method-intf>Remote</method-intf>
<method-name>*</method-name>
</method>
</method-permission>
...
</assembly-descriptor>
In this case, the assembly descriptor specifies that users within the security role AnonymousRole will be granted access to all the methods in the Home and Remote interfaces for each of the Document JavaBeans.
Security-Role Assignments
Within the document.jar file, the weblogic-ejb-jar.xml deployment descriptor defines the security role assignments for the Document stateless session and entity JavaBeans, as shown in Listing 3-13. In this case, the security role AnonymousRole is assigned to the everyone principal.
Note: For more information about security roles and principals, see What Is a Security Role?.
Listing 3-13 Security Role Assignments for the Document JavaBeans
<security-role-assignment>
<role-name>AnonymousRole</role-name>
<principal-name>everyone</principal-name>
</security-role-assignment>
ebusiness.jar
The ebusiness.jar file is a collection of EJBs that provide the commerce services, including product catalog, order, tax calculation, shipping, payment, and supporting EJB Pipeline components. For more information about these services, see the Managing Purchases and Processing Orders documentation.
Enterprise Bean Definitions
Table 3-7 lists the enterprise JavaBeans that are defined within the ebusiness.jar file's ejb-jar.xml deployment descriptor.
Security-Role References
In addition, the ejb-jar.xml deployment descriptor contains security-role reference elements for the E-business stateless session and entity JavaBeans. These elements, shown in Listing 3-14 through Listing 3-17, enable the EJBs to do programmatic security checking, if such behavior is desired.
Listing 3-14 illustrates only the Anonymous security-role reference, as it is defined for the following E-business JavaBeans:
Listing 3-14 Anonymous Security-Role Reference in the E-Business JavaBeans
<security-role-ref>
<description>This ref declares the Anonymous role for this
bean</description>
<role-name>AnonymousRole</role-name>
<role-link>AnonymousRole</role-link>
</security-role-ref>
Note: In the TaxwareTaxCalculator JavaBean's security-role reference, the <description> subelement incorrectly reads AdministrativeRole instead of AnonymousRole. However, because the description is essentially a comment, the server is not affected by it.
Listing 3-15 illustrates the Customer and Administrative security-role references, as they are defined for the following E-business JavaBeans:
Listing 3-15 Customer and Administrative Security-Role References in the E-Business JavaBeans
<security-role-ref>
<description>This ref declares the Customer role for this
bean</description>
<role-name>CustomerRole</role-name>
<role-link>CustomerRole</role-link>
</security-role-ref>
<security-role-ref>
<description>This ref declares the Administrative role for this
bean</description>
<role-name>AdministrativeRole</role-name>
<role-link>AdministrativeRole</role-link>
</security-role-ref>
Listing 3-16 Anonymous and Administrative Security-Role References in the Customer JavaBean
<security-role-ref>
<description>This ref declares the Anonymous role for this
bean</description>
<role-name>AnonymousRole</role-name>
<role-link>AnonymousRole</role-link>
</security-role-ref>
<security-role-ref>
<description>This ref declares the Administrative role for
this bean</description>
<role-name>AdministrativeRole</role-name>
<role-link>AdministrativeRole</role-link>
</security-role-ref>
Listing 3-17 illustrates the Administrative, Customer, and Anonymous security-role references, as they are defined for the following E-business JavaBeans:
Listing 3-17 Administrative, Customer, and Anonymous Security-Role References in the E-Business JavaBeans
<security-role-ref>
<description>This ref declares the Administrative role for this
bean</description>
<role-name>AdministrativeRole</role-name>
<role-link>AdministrativeRole</role-link>
</security-role-ref>
<security-role-ref>
<description>This ref declares the Customer role for this
bean</description>
<role-name>CustomerRole</role-name>
<role-link>CustomerRole</role-link>
</security-role-ref>
<security-role-ref>
<description>This ref declares the Anonymous role for this
bean</description>
<role-name>AnonymousRole</role-name>
<role-link>AnonymousRole</role-link>
</security-role-ref>
Note: For information on the differences between declarative and programmatic security, see the "Security" chapter in the Java 2 Platform Enterprise Edition Specification, v1.3
.Assembly Descriptor
Within the ebusiness.jar file, the ejb-jar.xml deployment descriptor registers the E-business stateless session and entity JavaBeans with the application assembly descriptor shown in Listing 3-18.
Listing 3-18 Assembly Descriptor Element for the E-business JavaBeans
<assembly-descriptor>
<security-role>
<description>Registered customers</description>
<role-name>CustomerRole</role-name>
</security-role>
<security-role>
<description>Administrators</description>
<role-name>AdministrativeRole</role-name>
</security-role>
<security-role>
<description>Anonymous Users</description>
<role-name>AnonymousRole</role-name>
</security-role>
<method-permission>
<role-name>AnonymousRole</role-name>
<!-- com.beasys.commerce.ebusiness.catalog.CatalogManager
-->
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.
CatalogManager</ejb-name>
<method-name>getCategoryManager</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.
CatalogManager</ejb-name>
<method-name>getProductItemManager</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.
CatalogManager</ejb-name>
<method-name>getCatalogQueryManager</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.
CatalogManager</ejb-name>
<method-name>getCustomDataManager</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.
CatalogManager</ejb-name>
<method-name>createCatalogRequest</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.
CatalogManager</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
<!-- com.beasys.commerce.ebusiness.catalog.service.category.
CategoryManager -->
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getCatalogManager</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getItems</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getItemKeys</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getParent</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getAncestors</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getRootCategory</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getCategoryCount</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getSubCategories</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getSubCategoryKeys</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getSiblings</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getSiblingKeys</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getCategories</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getCategoryKeys</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getItemCount</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getSubCategoryCount</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getSiblingCount</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getCategory</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getCategories</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getItemCategories</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
<!-- com.beasys.commerce.ebusiness.catalog.service.item.
ProductItemManager -->
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
item.ProductItemManager</ejb-name>
<method-name>getCatalogManager</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
item.ProductItemManager</ejb-name>
<method-name>getItemCount</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
item.ProductItemManager</ejb-name>
<method-name>getKeywords</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
item.ProductItemManager</ejb-name>
<method-name>getItemKeys</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
item.ProductItemManager</ejb-name>
<method-name>getItems</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
item.ProductItemManager</ejb-name>
<method-name>getItem</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
item.ProductItemManager</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
<!-- com.beasys.commerce.ebusiness.catalog.service.item.
JdbcProductItemManager -->
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
item.JdbcProductItemManager</ejb-name>
<method-name>getCatalogManager</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
item.JdbcProductItemManager</ejb-name>
<method-name>getItemCount</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
item.JdbcProductItemManager</ejb-name>
<method-name>getKeywords</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
item.JdbcProductItemManager</ejb-name>
<method-name>getItemKeys</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
item.JdbcProductItemManager</ejb-name>
<method-name>getItems</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
item.JdbcProductItemManager</ejb-name>
<method-name>getItem</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
item.JdbcProductItemManager</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
<!-- com.beasys.commerce.ebusiness.catalog.service.data.
CustomDataManager -->
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
data.CustomDataManager</ejb-name>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
data.CustomDataManager</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
<!-- com.beasys.commerce.ebusiness.catalog.service.query.
CatalogQueryManager -->
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
query.CatalogQueryManager</ejb-name>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
query.CatalogQueryManager</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
<!-- com.beasys.commerce.ebusiness.catalog.service.data.
EpmCustomDataManager -->
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
data.EpmCustomDataManager</ejb-name>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
data.EpmCustomDataManager</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
<!-- com.beasys.commerce.ebusiness.catalog.service.query.
JdbcCatalogQueryManager -->
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
query.JdbcCatalogQueryManager</ejb-name>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
query.JdbcCatalogQueryManager</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
<!-- com.beasys.commerce.ebusiness.catalog.service.category.
JdbcCategoryManager -->
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getCatalogManager</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getItems</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getItemKeys</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getParent</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getAncestors</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getRootCategory</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getCategoryCount</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getSubCategories</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getSubCategoryKeys</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getSiblings</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getSiblingKeys</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getCategories</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getCategoryKeys</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getItemCount</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getSubCategoryCount</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getSiblingCount</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getCategory</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getCategories</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getItemCategories</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.security.
Encryptor</ejb-name>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.tax.taxware.
TaxwareTaxCalculator</ejb-name>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.customer.
Customer</ejb-name>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.shipping.
ShippingMethod</ejb-name>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.shoppingcart.
pipeline.RefreshSavedListPC</ejb-name>
<method-name>*</method-name>
</method>
</method-permission>
<method-permission>
<role-name>CustomerRole</role-name>
<!-- com.beasys.commerce.ebusiness.catalog.
CatalogManager -->
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.
CatalogManager</ejb-name>
<method-name>getCategoryManager</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.
CatalogManager</ejb-name>
<method-name>getProductItemManager</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.
CatalogManager</ejb-name>
<method-name>getCatalogQueryManager</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.
CatalogManager</ejb-name>
<method-name>getCustomDataManager</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.
CatalogManager</ejb-name>
<method-name>createCatalogRequest</method-name>
</method>
<!-- com.beasys.commerce.ebusiness.catalog.service.category.
CategoryManager -->
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getCatalogManager</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getItems</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getItemKeys</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getParent</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getAncestors</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getRootCategory</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getCategoryCount</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getSubCategories</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getSubCategoryKeys</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getSiblings</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getSiblingKeys</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getCategories</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getCategoryKeys</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getItemCount</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getSubCategoryCount</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getSiblingCount</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getCategory</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getCategories</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>getItemCategories</method-name>
</method>
<!-- com.beasys.commerce.ebusiness.catalog.service.item.
ProductItemManager -->
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
item.ProductItemManager</ejb-name>
<method-name>getCatalogManager</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
item.ProductItemManager</ejb-name>
<method-name>getItemCount</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
item.ProductItemManager</ejb-name>
<method-name>getKeywords</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
item.ProductItemManager</ejb-name>
<method-name>getItemKeys</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
item.ProductItemManager</ejb-name>
<method-name>getItems</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
item.ProductItemManager</ejb-name>
<method-name>getItem</method-name>
</method>
<!-- com.beasys.commerce.ebusiness.catalog.service.item.
JdbcProductItemManager -->
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
item.JdbcProductItemManager</ejb-name>
<method-name>getCatalogManager</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
item.JdbcProductItemManager</ejb-name>
<method-name>getItemCount</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
item.JdbcProductItemManager</ejb-name>
<method-name>getKeywords</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
item.JdbcProductItemManager</ejb-name>
<method-name>getItemKeys</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
item.JdbcProductItemManager</ejb-name>
<method-name>getItems</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
item.JdbcProductItemManager</ejb-name>
<method-name>getItem</method-name>
</method>
<!-- com.beasys.commerce.ebusiness.catalog.service.
data.CustomDataManager -->
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
data.CustomDataManager</ejb-name>
<method-name>*</method-name>
</method>
<!-- com.beasys.commerce.ebusiness.catalog.service.
query.CatalogQueryManager -->
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
query.CatalogQueryManager</ejb-name>
<method-name>*</method-name>
</method>
<!-- com.beasys.commerce.ebusiness.catalog.service.data.
EpmCustomDataManager -->
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
data.EpmCustomDataManager</ejb-name>
<method-name>*</method-name>
</method>
<!-- com.beasys.commerce.ebusiness.catalog.service.
query.JdbcCatalogQueryManager -->
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
query.JdbcCatalogQueryManager</ejb-name>
<method-name>*</method-name>
</method>
<!-- com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager -->
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getCatalogManager</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getItems</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getItemKeys</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getParent</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getAncestors</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getRootCategory</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getCategoryCount</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getSubCategories</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getSubCategoryKeys</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getSiblings</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getSiblingKeys</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getCategories</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getCategoryKeys</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getItemCount</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getSubCategoryCount</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getSiblingCount</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getCategory</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getCategories</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>getItemCategories</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.security.
Decryptor</ejb-name>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.payment.
CreditCardService</ejb-name>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.payment.
PaymentTransaction</ejb-name>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.shoppingcart.
pipeline.DeleteProductItemFromSavedListPC</ejb-name>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.shoppingcart.
pipeline.RefreshSavedListPC</ejb-name>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.shoppingcart.
pipeline.MoveProductItemToSavedListPC</ejb-name>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.shoppingcart.
pipeline.MoveProductItemToShoppingCartPC</ejb-name>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.order.
Order</ejb-name>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.order.
OrderManager</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
</method-permission>
<method-permission>
<role-name>AdministrativeRole</role-name>
<method>
<ejb-name>com.beasys.commerce.ebusiness.security.
Decryptor</ejb-name>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.payment.
CreditCardService</ejb-name>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.payment.
PaymentTransaction</ejb-name>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.order.
Order</ejb-name>
<method-name>*</method-name>
</method>
<!-- com.beasys.commerce.ebusiness.catalog.CatalogManager
-->
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.
CatalogManager</ejb-name>
<method-name>*</method-name>
</method>
<!-- com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager -->
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager</ejb-name>
<method-name>*</method-name>
</method>
<!-- com.beasys.commerce.ebusiness.catalog.
JdbcCategoryManager -->
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
category.JdbcCategoryManager</ejb-name>
<method-name>*</method-name>
</method>
<!-- com.beasys.commerce.ebusiness.catalog.service.item.
ProductItemManager -->
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
item.ProductItemManager</ejb-name>
<method-name>*</method-name>
</method>
<!-- com.beasys.commerce.ebusiness.catalog.service.item.
JdbcProductItemManager -->
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
item.JdbcProductItemManager</ejb-name>
<method-name>*</method-name>
</method>
<!-- com.beasys.commerce.ebusiness.catalog.service.
data.CustomDataManager -->
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
data.CustomDataManager</ejb-name>
<method-name>*</method-name>
</method>
<!-- com.beasys.commerce.ebusiness.catalog.service.query.
CatalogQueryManager -->
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
query.CatalogQueryManager</ejb-name>
<method-name>*</method-name>
</method>
<!-- com.beasys.commerce.ebusiness.catalog.service.data.
EpmCustomDataManager -->
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
data.EpmCustomDataManager</ejb-name>
<method-name>*</method-name>
</method>
<!-- com.beasys.commerce.ebusiness.catalog.service.query.
JdbcCatalogQueryManager -->
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
query.JdbcCatalogQueryManager</ejb-name>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.beasys.commerce.ebusiness.order.
OrderManager</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
</method-permission>
...
</assembly-descriptor>
Note: The <method> tag without a <method-intf> specifies the <method-name> on both the Home and Remote interfaces.
In this case, the assembly descriptor specifies that users in the AnonymousRole and CustomerRole can access the following methods in the com.beasys.commerce.ebusiness.catalog.CategoryManager JavaBean:
Note: Users in the AnonymousRole only can also access all methods for the Home interface of the CategoryManager JavaBean.
Users in the the AnonymousRole and CustomerRole can also access the following methods in the com.beasys.commerce.ebusiness.catalog.service.
category.CategoryManager and com.beasys.commerce.ebusiness.catalog.
service.category.JdbcCategoryManager JavaBeans:
Note: Users in the AnonymousRole only can also access all methods for the Home interface of the CategoryManager and JdbcCategoryManager JavaBeans.
Users in the AnonymousRole and CustomerRole can also access the following methods of the com.beasys.commerce.ebusiness.catalog.service.item.
ProductItemManager and com.beasys.commerce.ebusiness.catalog.
service.item.JdbcProductItemManager JavaBeans:
Note: Users in the AnonymousRole only can also access all methods for the Home interface of the ProductItemManager and JdbcProductItemManager JavaBeans.
Users in the AnonymousRole can also access all methods in the Home and Remote interfaces for the following JavaBeans:
Users in the CustomerRole can also access all methods in the Home and Remote interfaces for the following JavaBeans:
Lastly, users in the CustomerRole can access all Home methods for the com.beasys.commerce.ebusiness.order.OrderManager JavaBean.
For users in the AdministrativeRole, access to all methods in the Home and Remote interfaces is granted for each of the E-business JavaBeans, excluding com.beasys.commerce.ebusiness.order.OrderManager, to which users are only granted access to the methods in the Home interface.
Security-Role Assignments
Within the ebusiness.jar file, the weblogic-ejb-jar.xml deployment descriptor defines the security role assignments for the E-business stateless session and entity JavaBeans, as shown in Listing 3-19. In this case, the security role CustomerRole is assigned to the wlcs_customer principal, the AdministrativeRole to the admin principal, and the AnonymousRole to the everyone principal.
Note: For more information about security roles and principals, see What Is a Security Role?.
Listing 3-19 Security Role Assignments for the E-business JavaBeans
<security-role-assignment>
<role-name>CustomerRole</role-name>
<principal-name>wlcs_customer</principal-name>
</security-role-assignment>
<security-role-assignment>
<role-name>AdministrativeRole</role-name>
<principal-name>admin</principal-name>
</security-role-assignment>
<security-role-assignment>
<role-name>AnonymousRole</role-name>
<principal-name>everyone</principal-name>
</security-role-assignment>
ejbadvisor.jar
The ejbadvisor.jar file contains an EJB that provides the personalization Advisor and advislet framework. For more information about the Advisor, see "Creating Personalized Applications with the Advisor" in the Building Personalized Applications documentation.
Enterprise Bean Definitions
Table 3-8 lists the enterprise JavaBean that is defined within the ejbadvisor.jar file's ejb-jar.xml deployment descriptor.
|
Name |
Type |
|---|---|
|
com.bea.commerce.platform.advisor.EjbAdvisor |
Stateless session |
Assembly Descriptor
Within the ejbadvisor.jar file, the ejb-jar.xml deployment descriptor registers the EjbAdvisor stateless session JavaBean with the application assembly descriptor shown in Listing 3-20.
Listing 3-20 Assembly Descriptor Element for the EjbAdvisor JavaBean
<assembly-descriptor>
<security-role>
<description>Anonymous Users</description>
<role-name>AnonymousRole</role-name>
</security-role>
<method-permission>
<role-name>AnonymousRole</role-name>
<method>
<ejb-name>com.bea.commerce.platform.advisor.
EjbAdvisor</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
</method-permission>
...
</assembly-descriptor>
In this case, the assembly descriptor specifies that users within the security role AnonymousRole will be granted access to all the methods in the EjbAdvisor JavaBean's Home interface.
Security-Role Assignments
Within the ejbadvisor.jar file, the weblogic-ejb-jar.xml deployment descriptor defines the security role assignments for the EjbAdvisor stateless session JavaBean, as shown in Listing 3-21. In this case, the security role AnonymousRole is assigned to the everyone principal.
Note: For more information about security roles and principals, see What Is a Security Role?.
Listing 3-21 Security Role Assignments for the EjbAdvisor JavaBean
<security-role-assignment>
<role-name>AnonymousRole</role-name>
<principal-name>everyone</principal-name>
</security-role-assignment>
events.jar
The events.jar file contains an EJB that provides the Event Service. For more information about the Event Service, see the Events and Behavior Tracking documentation.
Enterprise Bean Definitions
Table 3-9 lists the enterprise JavaBean that is defined within the events.jar file's ejb-jar.xml deployment descriptor.
|
Name |
Type |
|---|---|
|
EventService |
Stateless session |
Assembly Descriptor
Within the events.jar file, the ejb-jar.xml deployment descriptor registers the EventService stateless session JavaBean with the application assembly descriptor shown in Listing 3-22.
Listing 3-22 Assembly Descriptor Element for the EventService JavaBean
<assembly-descriptor>
<security-role>
<description>Anonymous Users</description>
<role-name>AnonymousRole</role-name>
</security-role>
<method-permission>
<role-name>AnonymousRole</role-name>
<method>
<ejb-name>com.bea.commerce.platform.advisor.
EventService</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
</method-permission>
...
</assembly-descriptor>
In this case, the assembly descriptor specifies that users within the security role AnonymousRole will be granted access to all the methods in the EventService JavaBean's Home interface.
Security-Role Assignments
Within the events.jar file, the weblogic-ejb-jar.xml deployment descriptor defines the security role assignments for the EventService stateless session JavaBean, as shown in Listing 3-23. In this case, the security role AnonymousRole is assigned to the everyone principal.
Note: For more information about security roles and principals, see What Is a Security Role?.
Listing 3-23 Security Role Assignments for the EventService JavaBean
<security-role-assignment>
<role-name>AnonymousRole</role-name>
<principal-name>everyone</principal-name>
</security-role-assignment>
foundation.jar
The foundation.jar file is a collection of EJBs that provides the property set definitions, the property manager, and the Pipeline execution service. For more informaion about property sets and property set management, see "Creating and Managing Property Sets" in the Building Personalized Applications documentation.
Enterprise Bean Definitions
Table 3-10 lists the enterprise JavaBeans that are defined within the events.jar file's ejb-jar.xml deployment descriptor.
Assembly Descriptor
Within the foundation.jar file, the ejb-jar.xml deployment descriptor registers the Foundation stateless session and entity JavaBeans with the application assembly descriptor shown in Listing 3-24.
Listing 3-24 Assembly Descriptor Element for the Foundation JavaBeans
<assembly-descriptor>
<security-role>
<description>Anonymous Users</description>
<role-name>AnonymousRole</role-name>
</security-role>
<method-permission>
<role-name>AnonymousRole</role-name>
<method>
<ejb-name>com.beasys.commerce.foundation.property.
EntityPropertyAggregator</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
</method-permission>
<method-permission>
<role-name>AnonymousRole</role-name>
<method>
<ejb-name>com.beasys.commerce.ebusiness.catalog.service.
data.EntityPropertyManager</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
</method-permission>
<method-permission>
<role-name>AnonymousRole</role-name>
<method>
<ejb-name>com.beasys.commerce.foundation.property.
EntityPropertyManager</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
</method-permission>
<method-permission>
<role-name>AnonymousRole</role-name>
<method>
<ejb-name>com.beasys.commerce.foundation.property.
LDAPEntityPropertyManager</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
</method-permission>
<method-permission>
<role-name>AnonymousRole</role-name>
<method>
<ejb-name>com.beasys.commerce.foundation.property.
DirectPropertyManager</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
</method-permission>
<method-permission>
<role-name>AnonymousRole</role-name>
<method>
<ejb-name>com.beasys.commerce.foundation.property.
SchemaManager</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
</method-permission>
<method-permission>
<role-name>AnonymousRole</role-name>
<method>
<ejb-name>com.beasys.commerce.foundation.pipeline.
PipelineExecutor</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
</method-permission>
...
</assembly-descriptor>
In this case, the assembly descriptor specifies that users within the security role AnonymousRole will be granted access to all the methods in the each of the Foundation JavaBeans' Home interfaces.
Security-Role Assignments
Within the foundation.jar file, the weblogic-ejb-jar.xml deployment descriptor defines the security role assignments for the Foundation stateless session and entity JavaBeans, as shown in Listing 3-25. In this case, the security role AnonymousRole is assigned to the everyone principal.
Note: For more information about security roles and principals, see What Is a Security Role?.
Listing 3-25 Security Role Assignments for the Foundation JavaBeans
<security-role-assignment>
<role-name>AnonymousRole</role-name>
<principal-name>everyone</principal-name>
</security-role-assignment>
mail.jar
The mail.jar file contains an EJB that provides the outbound Mail Service. The Mail Service uses the JavaMail API to send campaign-related messages to customers, in batches. For more information about the Mail Service, see "How Campaigns Use the Mail Service" in the Developing Campaign Infrastructure documentation.
Enterprise Bean Definitions
Table 3-11 lists the enterprise JavaBean that is defined within the mail.jar file's ejb-jar.xml deployment descriptor.
|
Name |
Type |
|---|---|
|
MailService |
Stateless session |
Assembly Descriptor
Within the mail.jar file, the ejb-jar.xml deployment descriptor registers the MailService stateless session JavaBean with the application assembly descriptor shown in Listing 3-26.
Listing 3-26 Assembly Descriptor Element for the MailService JavaBean
<assembly-descriptor>
<security-role>
<description>Anonymous Users</description>
<role-name>AnonymousRole</role-name>
</security-role>
<security-role>
<description>Administrative Users</description>
<role-name>AdminRole</role-name>
</security-role>
<method-permission>
<role-name>AnonymousRole</role-name>
<method>
<ejb-name>MailService</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>MailService</ejb-name>
<method-intf>Remote</method-intf>
<method-name>sendMail</method-name>
</method>
<method>
<ejb-name>MailService</ejb-name>
<method-intf>Remote</method-intf>
<method-name>addToBatch</method-name>
</method>
<method>
<ejb-name>MailService</ejb-name>
<method-intf>Remote</method-intf>
<method-name>getTextFromJSP</method-name>
</method>
<method>
<ejb-name>MailService</ejb-name>
<method-intf>Remote</method-intf>
<method-name>getJSPResults</method-name>
</method>
</method-permission>
<!-- Permissions for the AdminRole -->
<method-permission>
<role-name>AdminRole</role-name>
<method>
<ejb-name>MailService</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>MailService</ejb-name>
<method-intf>Remote</method-intf>
<method-name>*</method-name>
</method>
</method-permission>
...
</assembly-descriptor>
In this case, the assembly descriptor specifies that users within the security role AnonymousRole will be granted access to all the methods in the MailService JavaBean's Home interface, and the following methods in the Remote interface:
Further, users within the security role AdminRole will be granted access to all the methods in the MailService JavaBean's Home and Remote interfaces.
Security-Role Assignments
Within the mail.jar file, the weblogic-ejb-jar.xml deployment descriptor defines the security role assignments for the MailService stateless session JavaBean, as shown in Listing 3-27. In this case, the security role AnonymousRole is assigned to the everyone principal, and the AdminRole is assigned to the admin and system principals.
Note: For more information about security roles and principals, see What Is a Security Role?.
Listing 3-27 Security Role Assignments for the MailService JavaBean
<security-role-assignment>
<role-name>AnonymousRole</role-name>
<principal-name>everyone</principal-name>
</security-role-assignment>
<security-role-assignment>
<role-name>AdminRole</role-name>
<principal-name>admin</principal-name>
<principal-name>system</principal-name>
</security-role-assignment>
placeholder.jar
The placeholder.jar file is a collection of EJBs that provide the placeholder, ads, and ad bucket services. For more information, see "Working with Ad Placeholders" in the Building Personalized Applications documentation.
Enterprise Bean Definitions
Table 3-12 lists the enterprise JavaBeans that are defined within the placeholder.jar file's ejb-jar.xml deployment descriptor.
Assembly Descriptor
Within the placeholder.jar file, the ejb-jar.xml deployment descriptor registers the Placeholder stateless session JavaBeans with the application assembly descriptor shown in Listing 3-28.
Listing 3-28 Assembly Descriptor Element for the Placeholder JavaBeans
<assembly-descriptor>
<security-role>
<description>Anonymous Users</description>
<role-name>AnonymousRole</role-name>
</security-role>
<security-role>
<description>Administrative Users</description>
<role-name>AdminRole</role-name>
</security-role>
<!-- Permissions for the AnonymousRole -->
<method-permission>
<role-name>AnonymousRole</role-name>
<method>
<ejb-name>com.bea.commerce.platform.placeholder.
PlaceholderService</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.bea.commerce.platform.placeholder.
PlaceholderService</ejb-name>
<method-intf>Remote</method-intf>
<method-name>getContent</method-name>
</method>
<method>
<ejb-name>com.bea.commerce.platform.placeholder.
PlaceholderService</ejb-name>
<method-intf>Remote</method-intf>
<method-name>previewContent</method-name>
</method>
<method>
<ejb-name>com.bea.commerce.platform.placeholder.
PlaceholderService</ejb-name>
<method-intf>Remote</method-intf>
<method-name>setPreviewSlot</method-name>
</method>
<method>
<ejb-name>com.bea.commerce.platform.placeholder.
PlaceholderService</ejb-name>
<method-intf>Remote</method-intf>
<method-name>removePreviewSlot</method-name>
</method>
<method>
<ejb-name>com.bea.commerce.platform.ad.
AdBucketService</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.bea.commerce.platform.ad.
AdBucketService</ejb-name>
<method-intf>Remote</method-intf>
<method-name>getContent</method-name>
</method>
<method>
<ejb-name>com.bea.commerce.platform.ad.
AdBucketService</ejb-name>
<method-intf>Remote</method-intf>
<method-name>userAddAd</method-name>
</method>
<method>
<ejb-name>com.bea.commerce.platform.ad.
AdBucketService</ejb-name>
<method-intf>Remote</method-intf>
<method-name>globalAddAd</method-name>
</method>
<method>
<ejb-name>com.bea.commerce.platform.ad.
AdBucketService</ejb-name>
<method-intf>Remote</method-intf>
<method-name>previewContent</method-name>
</method>
<method>
<ejb-name>com.bea.commerce.platform.ad.
AdConflictResolver</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.bea.commerce.platform.ad.
AdConflictResolver</ejb-name>
<method-intf>Remote</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.bea.commerce.platform.ad.
AdService</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.bea.commerce.platform.ad.
AdService</ejb-name>
<method-intf>Remote</method-intf>
<method-name>*</method-name>
</method>
</method-permission>
<!-- Permissions for the AdminRole -->
<method-permission>
<role-name>AdminRole</role-name>
<method>
<ejb-name>com.bea.commerce.platform.placeholder.
PlaceholderService</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.bea.commerce.platform.placeholder.
PlaceholderService</ejb-name>
<method-intf>Remote</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.bea.commerce.platform.ad.
AdBucketService</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.bea.commerce.platform.ad.
AdBucketService</ejb-name>
<method-intf>Remote</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.bea.commerce.platform.ad.
AdConflictResolver</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.bea.commerce.platform.ad.
AdConflictResolver</ejb-name>
<method-intf>Remote</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.bea.commerce.platform.ad.
AdService</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
<method>
<ejb-name>com.bea.commerce.platform.ad.
AdService</ejb-name>
<method-intf>Remote</method-intf>
<method-name>*</method-name>
</method>
</method-permission>
...
</assembly-descriptor>
In this case, the assembly descriptor specifies that users within the security role AnonymousRole will be granted access to all the methods in each of the Placeholder JavaBeans' Home interface. The com.beasys.commerce.platform.ad.
AdConflictResolver and com.beasys.commerce.platform.ad.AdService JavaBeans also give users in the AnonymousRole access to the methods in their Remote interfaces.
The com.beasys.commerce.platform.placeholder.PlaceholderService JavaBean allows users in the AnonymousRole to access the following methods in its Remote interface:
The com.beasys.commerce.platform.ad.AdBucketService JavaBean allows users in the AnonymousRole to access the following methods in its Remote interface:
Further, users within the security role AdminRole will be granted access to all the methods in each of the Placeholder JavaBeans' Home and Remote interfaces.
Security-Role Assignments
Within the placeholder.jar file, the weblogic-ejb-jar.xml deployment descriptor defines the security role assignments for the Placeholder stateless session JavaBeans, as shown in Listing 3-29. In this case, the security role AnonymousRole is assigned to the everyone principal, and the AdminRole is assigned to the admin and system principals.
Note: For more information about security roles and principals, see What Is a Security Role?.
Listing 3-29 Security Role Assignments for the Placeholder JavaBeans
<security-role-assignment>
<role-name>AnonymousRole</role-name>
<principal-name>everyone</principal-name>
</security-role-assignment>
<security-role-assignment>
<role-name>AdminRole</role-name>
<principal-name>admin</principal-name>
<principal-name>system</principal-name>
</security-role-assignment>
portal.jar
The portal.jar file is a collection of EJBs that provide the portal server.
Enterprise Bean Definitions
Table 3-13 lists the enterprise JavaBeans that are defined within the portal.jar file's ejb-jar.xml deployment descriptor.
Security-Role References
In addition, the ejb-jar.xml deployment descriptor contains security-role reference elements for the ejb.portal.PortalManager stateless session JavaBean. These elements, shown in Listing 3-30, enable the EJB to do programmatic security checking, if such behavior is desired.
Listing 3-30 Security-Role Reference in PortalManager JavaBean
<security-role-ref>
<description>This ref declares the Anonymous role for this
bean</description>
<role-name>AnonymousRole</role-name>
<role-link>AnonymousRole</role-link>
</security-role-ref>
Note: For information on the differences between declarative and programmatic security, see the "Security" chapter in the Java 2 Platform Enterprise Edition Specification, v1.3
.Assembly Descriptor
Within the portal.jar file, the ejb-jar.xml deployment descriptor registers the Portal entity and stateless session JavaBeans with the application assembly descriptor shown in Listing 3-31.
Listing 3-31 Assembly Descriptor Element for the Portal JavaBeans
<assembly-descriptor>
<security-role>
<description>Anonymous Users</description>
<role-name>AnonymousRole</role-name>
</security-role>
<method-permission>
<role-name>AnonymousRole</role-name>
<method>
<ejb-name>ejb.portal.PortalManager</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name
</method>
</method-permission>
...
</assembly-descriptor>
In this case, the assembly descriptor specifies that users within the security role AnonymousRole will be granted access to all the methods in the ejb.portal.PortalManager JavaBean's Home interface.
Security-Role Assignments
Within the portal.jar file, the weblogic-ejb-jar.xml deployment descriptor defines the security role assignments for the Portal stateless session and entity JavaBeans, as shown in Listing 3-32. In this case, the security role AnonymousRole is assigned to the everyone principal.
Note: For more information about security roles and principals, see What Is a Security Role?.
Listing 3-32 Security Role Assignments for the Portal JavaBeans
<security-role-assignment>
<role-name>AnonymousRole</role-name>
<principal-name>everyone</principal-name>
</security-role-assignment>
priceService.jar
The priceService.jar file contains an EJB that provides the dynamic product pricing engine. For more information, see "Price Service" in the Discounts chapter of the Managing Purchases and Processing Orders documentation.
Enterprise Bean Definitions
Table 3-14 lists the enterprise JavaBean that is defined within the priceService.jar file's ejb-jar.xml deployment descriptor.
|
Name |
Type |
|---|---|
|
PriceService |
Stateless session |
Assembly Descriptor
Within the priceService.jar file, the ejb-jar.xml deployment descriptor does not register the PriceService stateless session JavaBean with an application assembly descriptor, nor does it define security roles or grant permissions on the JavaBean's methods. This is because PriceService is an EJB that had no security constraints.
Note: Other EJBs that have no security constraints may still have content within the <assembly-descriptor> element. These EJBs were written for a prior release of the BEA WebLogic Server, which required a <method> element for the Home interface even if all methods in the EJB were open.
Security-Role Assignments
Because there are no security contraints on the priceService stateless session JavaBean, the weblogic-ejb-jar.xml deployment descriptor does not define any security role assignments for it.
Note: For more information about security roles and principals, see What Is a Security Role?.
rules.jar
The rules.jar file contains an EJB that provides the Rules Manager, which is the public interface to the rules engine. For more information, see "Introducing the Rules Manager" in the Building Personalized Applications documentation.
Enterprise Bean Definitions
Table 3-15 lists the enterprise JavaBean that is defined within the rules.jar file's ejb-jar.xml deployment descriptor.
|
Name |
Type |
|---|---|
|
com.bea.commerce.platform.rules.manager.RulesManager |
Stateless session |
Assembly Descriptor
Within the rules.jar file, the ejb-jar.xml deployment descriptor registers the RulesManager stateless session JavaBean with the application assembly descriptor shown in Listing 3-33.
Listing 3-33 Assembly Descriptor Element for the RulesManager JavaBean
<assembly-descriptor>
<security-role>
<description>Administrative Users</description>
<role-name>AdministrativeRole</role-name>
</security-role>
<security-role>
<description>Rule Reading Users</description>
<role-name>RulesReaderRole</role-name>
</security-role>
<security-role>
<description>Anonymous Users</description>
<role-name>AnonymousRole</role-name>
</security-role>
<method-permission>
<role-name>AnonymousRole</role-name>
<method>
<ejb-name>com.bea.commerce.platform.rules.manager.
RulesManager</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
</method-permission>
<method-permission>
<role-name>AnonymousRole</role-name>
<method>
<ejb-name>com.bea.commerce.platform.rules.manager.
RulesManager</ejb-name>
<method-intf>Remote</method-intf>
<method-name>evaluateRuleSet</method-name>
</method>
</method-permission>
<method-permission>
<role-name>AnonymousRole</role-name>
<method>
<ejb-name>com.bea.commerce.platform.rules.manager.
RulesManager</ejb-name>
<method-intf>Remote</method-intf>
<method-name>evaluateRule</method-name>
</method>
</method-permission>
<method-permission>
<role-name>AdministrativeRole</role-name>
<method>
<ejb-name>com.bea.commerce.platform.rules.manager.
RulesManager</ejb-name>
<method-intf>Remote</method-intf>
<method-name>setRuleSet</method-name>
</method>
</method-permission>
<method-permission>
<role-name>AdministrativeRole</role-name>
<role-name>RulesReaderRole</role-name>
<method>
<ejb-name>com.bea.commerce.platform.rules.manager.
RulesManager</ejb-name>
<method-intf>Remote</method-intf>
<method-name>getRuleSet</method-name>
</method>
</method-permission>
<method-permission>
<role-name>AdministrativeRole</role-name>
<method>
<ejb-name>com.bea.commerce.platform.rules.manager.
RulesManager</ejb-name>
<method-intf>Remote</method-intf>
<method-name>getRuleSets</method-name>
</method>
</method-permission>
<method-permission>
<role-name>AdministrativeRole</role-name>
<method>
<ejb-name>com.bea.commerce.platform.rules.manager.
RulesManager</ejb-name>
<method-intf>Remote</method-intf>
<method-name>removeRuleSet</method-name>
</method>
</method-permission>
...
</assembly-descriptor>
In this case, the assembly descriptor specifies that users within the security role AnonymousRole will be granted access to all the methods in the RulesManager JavaBean's Home interface. Additionally, users within the AnonymousRole will be granted access to the evaluateRuleSet and evaluateRule methods in the Remote interface.
Users in the AdministrativeRole will be granted access to the setRuleSet, getRuleSet, getRuleSets, and removeRuleSet methods in the RulesManager JavaBean's Remote interface. Users in the RulesReaderRole will also be granted access to the getRuleSet method in the Remote interface.
Security-Role Assignments
Within the rules.jar file, the weblogic-ejb-jar.xml deployment descriptor defines the security role assignments for the RulesManager stateless session bean, as shown in Listing 3-34. In this case, the security role AdministrativeRole is assigned to the admin and system principals, the RulesReaderRole is assigned to the wlcm_internal principal, and the AnonymousRole is assigned to the everyone principal.
Note: For more information about security roles and principals, see What Is a Security Role?.
Listing 3-34 Security Role Assignments for the RulesManager JavaBean
<security-role-assignment>
<role-name>AdministrativeRole</role-name>
<principal-name>admin</principal-name>
<principal-name>system</principal-name>
</security-role-assignment>
<security-role-assignment>
<role-name>RulesReaderRole</role-name>
<principal-name>wlcm_internal</principal-name>
</security-role-assignment>
<security-role-assignment>
<role-name>AnonymousRole</role-name>
<principal-name>everyone</principal-name>
</security-role-assignment>
servicemgr.jar
The servicemgr.jar file contains an EJB that provides version information.
Enterprise Bean Definitions
Table 3-16 lists the enterprise JavaBean that is defined within the servicemgr.jar file's ejb-jar.xml deployment descriptor.
|
Name |
Type |
|---|---|
|
com.beasys.commerce.servicemanager. |
Stateless session |
Assembly Descriptor
Within the servicemgr.jar file, the ejb-jar.xml deployment descriptor registers the CommerceServiceManager stateless session JavaBean with the application assembly descriptor shown in Listing 3-35.
Listing 3-35 Assembly Descriptor Element for the CommerceServiceManager JavaBean
<assembly-descriptor>
<security-role>
<description>Anonymous Users</description>
<role-name>AnonymousRole</role-name>
</security-role>
<method-permission>
<role-name>AnonymousRole</role-name>
<method>
<ejb-name>com.beasys.commerce.servicemanager.
CommerceServiceManager</ejb-name>
<method-intf>Home</method-intf>
<method-name>*</method-name>
</method>
</method-permission>
</assembly-descriptor>
In this case, the assembly descriptor specifies that users within the security role AnonymousRole will be granted access to all the methods in the CommerceServiceManager JavaBean's Home interface.
Security-Role Assignments
Within the servicemgr.jar file, the weblogic-ejb-jar.xml deployment descriptor defines the security role assignments for the CommerceServiceManager stateless session JavaBean, as shown in Listing 3-36. In this case, the security role AnonymousRole is assigned to the everyone principal.
Note: For more information about security roles and principals, see What Is a Security Role?.
Listing 3-36 Security Role Assignments for the CommerceServiceManager JavaBean
<security-role-assignment>
<role-name>AnonymousRole</role-name>
<principal-name>everyone</principal-name>
</security-role-assignment>
uupexample.jar
The uupexample.jar file contains an EJB that provides an example of the Unified User Profile (UUP). For more information about UUP, see "Unified User Profiles" in the Creating and Managing Users chapter of the Building Personalized Applications documentation.
Enterprise Bean Definitions
Table 3-17 lists the enterprise JavaBean that is defined within the uupexample.jar file's ejb-jar.xml deployment descriptor.
|
Name |
Type |
|---|---|
|
examples.usermgmt.UnifiedUser |
Entity |
Assembly Descriptor
Within the uupexample.jar file, the ejb-jar.xml deployment descriptor does not register the UnifiedUser entity JavaBean with an application assembly descriptor, nor does it define security roles or grant permissions on the JavaBean's methods. This is because UnifiedUser is an EJB that had no security constraints.
Note: Other EJBs that have no security constraints may still have content within the <assembly-descriptor> element. These EJBs were written for a prior release of the BEA WebLogic Server, which required a <method> element for the Home interface even if all methods in the EJB were open.
Security-Role Assignments
Because there are no security contraints on the UnifiedUser entity JavaBean, the weblogic-ejb-jar.xml deployment descriptor does not define any security role assignments for it.
Note: For more information about security roles and principals, see What Is a Security Role?.
|
|
|
|
|
|
Copyright ©
2001 BEA Systems, Inc. All rights reserved.
|