Red Hat Summit Red Hat SummitSupportKonsoleEntwicklerDemo startenKontakt

Dieser Inhalt ist in der von Ihnen ausgewählten Sprache nicht verfügbar.

14.4. EJB Application Security

14.4.1. Security Identity
Link kopieren

14.4.1.1. About EJB Security Identity
Link kopieren

The security identity, which is also known as invocation identity, refers to the <security-identity> tag in the security configuration. It refers to the identity another EJB must use when it invokes methods on components.
The invocation identity can be either the current caller, or it can be a specific role. In the first case, the <use-caller-identity> tag is present, and in the second case, the <run-as> tag is used.
For information about setting the security identity of an EJB, refer to Section 14.4.1.2, “Set the Security Identity of an EJB”.
Report a bug

14.4.1.2. Set the Security Identity of an EJB
Link kopieren

Example 14.3. Set the security identity of an EJB to be the same as its caller

This example sets the security identity for method invocations made by an EJB to be the same as the current caller's identity. This behavior is the default if you do not specify a <security-identity> element declaration. 
<ejb-jar>
  <enterprise-beans>
	 <session>
		<ejb-name>ASessionBean</ejb-name>
		<!-- ... -->
		<security-identity>
		  <use-caller-identity/>
		</security-identity>
	 </session>
	 <!-- ... -->
  </enterprise-beans>
</ejb-jar>
Copy to Clipboard Toggle word wrap

Example 14.4. Set the security identity of an EJB to a specific role

To set the security identity to a specific role, use the <run-as> and <role-name> tags inside the <security-identity> tag. 
<ejb-jar>
  <enterprise-beans>
	 <session>
		<ejb-name>RunAsBean</ejb-name>
		<!-- ... -->
		<security-identity>
		  <run-as>
			 <description>A private internal role</description>
			 <role-name>InternalRole</role-name>
		  </run-as>
		</security-identity>
	 </session>
  </enterprise-beans>
  <!-- ... -->
</ejb-jar>
Copy to Clipboard Toggle word wrap
By default, when you use <run-as>, a principal named anonymous is assigned to outgoing calls. To assign a different principal, uses the <run-as-principal>. 
<session>
    <ejb-name>RunAsBean</ejb-name>
    <security-identity>
        <run-as-principal>internal</run-as-principal>
    </security-identity>
</session>
Copy to Clipboard Toggle word wrap

Note

You can also use the <run-as> and <run-as-principal> elements inside a servlet element.

See also:

Report a bug
Nach oben
Red Hat logoGithubredditYoutubeTwitter

Lernen

Testen, kaufen und verkaufen

Communitys

Über Red Hat Dokumentation

Wir helfen Red Hat Benutzern, mit unseren Produkten und Diensten innovativ zu sein und ihre Ziele zu erreichen – mit Inhalten, denen sie vertrauen können. Entdecken Sie unsere neuesten Updates.

Mehr Inklusion in Open Source

Red Hat hat sich verpflichtet, problematische Sprache in unserem Code, unserer Dokumentation und unseren Web-Eigenschaften zu ersetzen. Weitere Einzelheiten finden Sie in Red Hat Blog.

Über Red Hat

Wir liefern gehärtete Lösungen, die es Unternehmen leichter machen, plattform- und umgebungsübergreifend zu arbeiten, vom zentralen Rechenzentrum bis zum Netzwerkrand.

Theme

© 2025 Red Hat