Adding access control methods to the bean
If your new bean is to be protected under access control, you must add the getOwner method. Another method that is optional for access control purposes is the fulfills method. For details about required and optional methods, refer to Implementing access control in enterprise beans.
Before you begin
About this task
To add access control methods to the new bean:
Procedure
- In the J2EE Hierarchy view, double-click the yourNewBeanBean class to open it and view its source code.
- Into the
source code, add a getOwner method that includes logic
to return the owner of this resource. For example, to return the owner
of
the UserRes bean, you would return the member ID of the user:
public java.lang.Long getOwner() throws java.lang.Exception { return getMemberId(); }
- For the purpose of this example,
you would add a fulfills method
that specifies what relationship the user must satisfy before they
are allowed
to act upon this resource. In this case, you would specify that only
the creator
of this UserRes object is allowed to take action. In other words,
each user
is only allowed to take action upon their own UserRes object. This
relationship
requirement is shown in the following code snippet:
public boolean fulfills(Long member, String relationship) throws java.lang.Exception { if ("creator".equalsIgnoreCase(relationship)) { return member.equals(getMemberId()); } return false; }
- Save your work.
- Proceed to mapping the database table to the new enterprise bean.