[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Restrict Access to specific methods in applications

Posted on 2005-05-02
8
Medium Priority
?
337 Views
Last Modified: 2013-12-10
Hi
  In my weblogic server there are many applications running.For different groups of users dependign on their group i have to restrict them to certain methods in  the application.Is this possible.Please let me know.can this functionality be specifed in the security roles?

Thanks
0
Comment
Question by:koppcha
7 Comments
 
LVL 8

Author Comment

by:koppcha
ID: 13912651
To be more specific here are the details
   We have two main weblogic servers  and they communicate with one another according to the requirements.Under weblogic server 1 with have other applications as well but all the applications will contact weblogic 2 through weblogic 1 using one specific id(currently it is like this)...
   The changes we would like to do is that we should be able to identify on weblogic 2 which application is calling it through weblogic 1.These are EJB methods that are being called.The applications in weblogic one should have access to specific methods in weblogic 2 so we should be able to restrict the applications that are trying to access methods under weblogic 2 that they do not have access to.

0
 
LVL 10

Expert Comment

by:ECollin
ID: 13924726
Hi,

I think you will be able to protect your ejbs with the J2EE security model.

Follow this lonk for more details : http://e-docs.bea.com/wls/docs81/security/ejb_client.html

Emmanuel
0
 
LVL 8

Author Comment

by:koppcha
ID: 13927383
Hi
  Thanks for responding.I resolved the issue...by changing the ejb-jar.xml and weblogic-ejb-jar.xml.Here are the changes that needs to be done..which may help others.
To restrict access to a methods to a particular group
1>Create the group in the weblogic server.you can do this by going to Security
2>In you EJB change the xml files accordingly.Sample changes are listed below.

ejb-jar.xml
<assembly-descriptor>
<security-role>
<role-name>MethodAuthentication</role-name>
</security-role>
<method-permission>
<role-name>REPORTINGAuthentication</role-name>
<method>
<ejb-name>EJBName</ejb-name>
<method-name>Method1</method-name>
</method>
</method-permission>
</assembly-descriptor>

weblogic-ejb-jar.xml
<security-role-assignment>
<role-name>MethodAuthentication</role-name>
<principal-name>User1</principal-name>
<principal-name>User2</principal-name>
</security-role-assignment>

3>Redploy your EJB

4>In the admin cosole right click on the ENB and select Define Scoped Rules.

   You should be able to find the scope that you have created in ejb-jar.xml


 
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 23

Expert Comment

by:rama_krishna580
ID: 13976133
Hi,

More in detail...

1. In an enterprise, you probably want to restrict access to critical EJB methods based on who is calling them.
2. Define method-level restrictions in the standard "ejb-jar.xml" file based on "roles" (president, admin. assistant, salesperson, customer). Use <security-role>, <role-name>, <method-permission>, <method>, <ejb-name> and <method-name> tags.
3. Map these roles to actual usernames or groups in a server-specific file. For example, in the "weblogic-ejb-jar.xml" file, use <security-role-assignment>, <role-name> and <principal-name> tags)

For more info look @ here, its provided with very good and wonderful examples ...
http://www.vipan.com/htdocs/ejb.html

R.K
0
 
LVL 8

Author Comment

by:koppcha
ID: 14073926
I am going to ask the administrator  to accept my answer and  refund on this question.Please let me know if you have any issues with this.
0
 
LVL 23

Expert Comment

by:rama_krishna580
ID: 14208327
Definitely no Issues you can get back your points Back !

R.K
0
 

Accepted Solution

by:
modulo earned 0 total points
ID: 14356931
PAQed with points refunded (500)

modulo
Community Support Moderator
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

-Xmx and -Xms are the two JVM options often used to tune JVM heap size.   Here are some common mistakes made when using them:   Assume BigApp is a java class file for the below examples. 1.         Missing m, M, g or G at the end …
Most of the developers using Tomcat find it easy to configure the datasource in Server.xml and use the JNDI name in the code to get the connection.  So the default connection pool using DBCP (or any other framework) is made available and the life go…
Are you ready to place your question in front of subject-matter experts for more timely responses? With the release of Priority Question, Premium Members, Team Accounts and Qualified Experts can now identify the emergent level of their issue, signal…
Is your OST file inaccessible, Need to transfer OST file from one computer to another? Want to convert OST file to PST? If the answer to any of the above question is yes, then look no further. With the help of Stellar OST to PST Converter, you can e…

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question