This tags maps a reference to a security role used in the bean code to an EJB-scoped security role defined in the EJB project.
Class tag on entity and session beans.
@ejbgen:security-role-ref
[id="TagID"]
[role-link="RoleLink"]
role-name="RoleName"
id
Optional. Specifies the ID of the tag. For more information, see EJBGen Tag Inheritance.
role-link
Optional. References a EJB-scoped security role. If you do not specify this attribute, deployment of the bean is not possible until the role name is manually mapped the link to a security role by the deployer (administrator).
role-name
Required. Specifies the name of the security role used in the code.
When you use this tag, make sure that the EJB scoped security role is defined using the @ejbgen:role-mapping Annotation.
The following example shows the use of a manager role in the EntityContext's isCallerInRole method in a session bean. The ejbgen:security-role-ref tag at the top of the class definition maps this reference to managerLevel3. The ejbgen:role-mapping tag defines the managerLevel3 security role.
* @ejbgen:role-mapping global-role="true" role-name="managerLevel3" * @ejbgen:security-role-ref role-link="managerLevel3" role-name="manager" * ... */ public class RoleCheckerBean extends GenericSessionBean implements SessionBean { SessionContext context; public void ejbCreate() { // Your code here } /** * @ejbgen:local-method */ public String approveExpense(double amount) { if(context.isCallerInRole("manager") == false) { // not allowed to approve this expense ... } ...