Red Hat Training

A Red Hat training course is available for Red Hat JBoss Enterprise Application Platform

Chapter 20. Development Security References

20.1. EJB Security Parameter Reference

Table 20.1. EJB security parameter elements

Element Description
<security-identity>
Contains child elements pertaining to the security identity of an EJB.
<use-caller-identity />
Indicates that the EJB uses the same security identity as the caller.
<run-as>
Contains a <role-name> element.
<run-as-principal>
If present, indicates the principal assigned to outgoing calls. If not present, outgoing calls are assigned to a principal named anonymous.
<role-name>
Specifies the role the EJB should run as.
<description>
Describes the role named in <role-name>
.

Example 20.1. Security identity examples

The example ejb-jar.xml file below shows each tag described in Table 20.1, “EJB security parameter elements”. They can also be used inside a <session>.
<ejb-jar>
    <enterprise-beans>
        <session>
            <ejb-name>ASessionBean</ejb-name>
            <security-identity>
                <use-caller-identity/>
            </security-identity>
        </session>
        <session>
            <ejb-name>RunAsBean</ejb-name>
            <security-identity>
                <run-as>
                    <description>A private internal role</description>
                    <role-name>InternalRole</role-name>
                </run-as>
            </security-identity>
        </session>
		  <session>
			 <ejb-name>RunAsBean</ejb-name>
			 <security-identity>
				<run-as-principal>internal</run-as-principal>
			 </security-identity>
		  </session>
    </enterprise-beans>
</ejb-jar>
The above parameters can also be included in the jboss-ejb3.xml file which is discussed in more detail in Section 8.8.4, “jboss-ejb3.xml Deployment Descriptor Reference”.