What are the responsibilities of an application assembler in implementing security?

An application assembler has the following security-related responsibilities in EJB:

• Declaring security roles in the deployment descriptor in the <security-role> element.
• Mapping security roles with the role-references using the <role-link> element.
• Declaring method permissions for each security role using the <method-permission> element.
• Making certain methods inaccessible using the <exclude-list> so that they can never be called by any client.
• Excluding certain methods from being checked for authorization using the <unchecked/> element.

Other than these, the application assembler may or may not define an optional description element that helps the deployer to map the abstract role names to the real users.

• Pass CIW Professional in first attampt.
• Click here to get free master-ciw-enterprise-developer Master CIW Enterprise Developer exam practice questions.
• Become SUN SCBCD certified.
• Download free practice test for CIW CIW - Enterprise Specialist exam.
• Get certified in first attempt download CX310-090 - SCBCD EJB Java simulation.
• Become SUN SCBCD Java 5.0 certified.
• Download free practice test for SUN SCBCD Java Upgrade exam.

• Previous Entry: How to deploy and run an EJB application using a J2EE server.
• Next Entry: What are the responsibilities of a deployer in implementing security in EJB?