You can define access roles for the EJB layer in order to assign multiple security permissions to a user or web client at once. EJB roles can be used to secure MIDM users and other clients accessing the master index application, such as web services. Roles are defined in an XML file, security.xml. The following table describes the elements of the security configuration file. The default user, MasterIndex.Admin, is not defined in this file, but it gives access to all functions.
Table 3 EJB User Role Configuration Elements
Element |
Description |
---|---|
ejbSecurity |
An indicator of whether EJB security is enabled. Enter ON to enable web service security; enter OFF to disable web service security. |
role |
A definition for one EJB user role. Each role element contains a name for the user role and a list of security permissions. |
role-name |
The name of the EJB user role, such as DataProcessor. |
operation |
A list of master controller functions to assign to the user role. |
name |
The name of a master controller function to add to the current user role. Functions are listed under EJB Security Functions. |