If your new bean is
to be protected under access control, you must
add the getOwner method. Another method that is optional for access
control
purposes is the fulfills method. For details about required and optional
methods,
refer to Implementing access control in enterprise beans.
About this task
To add access control methods
to the new bean:
Procedure
- In the J2EE Hierarchy
view, double-click the yourNewBeanBean class
to open it and view its source code.
- Into the
source code, add a getOwner method that includes logic
to return the owner of this resource. For example, to return the owner
of
the UserRes bean, you would return the member ID of the user:
public java.lang.Long getOwner()
throws java.lang.Exception {
return getMemberId();
}
- For the purpose of this example,
you would add a fulfills method
that specifies what relationship the user must satisfy before they
are allowed
to act upon this resource. In this case, you would specify that only
the creator
of this UserRes object is allowed to take action. In other words,
each user
is only allowed to take action upon their own UserRes object. This
relationship
requirement is shown in the following code snippet:
public boolean fulfills(Long member, String relationship)
throws java.lang.Exception
{
if ("creator".equalsIgnoreCase(relationship))
{
return member.equals(getMemberId());
}
return false;
}
- Save your work.
-
Proceed to mapping
the
database table to the new enterprise bean.