Adding access control to an existing HCL Commerce entity bean that is not already protected

If you are using an existing HCL Commerce entity bean and your application requires that the bean be protected by access control, you can add this protection.

About this task

The following list provides the high-level steps protect an existing HCL Commerce entity bean under the HCL Commerce access control system:

Procedure

  1. Open the BeanName.java class. This is the remote interface. Modify this so that it extends the com.ibm.commerce.security.Protectable interface.
  2. If a resource is going to be grouped by an attribute other than its Java class name for the purpose of applying access control policies, the remote interface of the bean must also extend the com.ibm.commerce.grouping.Groupable interface.
  3. Save your changes to the remote interface.
  4. Open the BeanNameBean.java class, where BeanName is the name of the entity bean to which you are adding access control protection.
  5. The enterprise bean class inherits default implementations for the following methods from com.ibm.commerce.base.objects.ECEntityBean:
    • getOwner
    • fulfills
    • getGroupingAttributeValue
    Override any methods that you need. At a minimum, you must override the getOwner method. Refer to Implementing access control in enterprise beans for more information about these methods.
  6. Save your changes. Regenerate the deployed and RMIC code for the bean, as well as the corresponding access bean.