If J2EE Authentication on the system is enabled, you must enable the security for each enterprise bean in the deployment descriptors.
Under the <enterprise-beans> section of the ejb-jar.xml file, three integration EJBs are deployed with a default value of 1, which indicates that no authentication is required.
The <ejg-name> to service mapping is:
<ejb-name> | Service |
---|---|
enterpriseservice | Enterprise Service |
mosservice | Object Structure Service |
actionservice | Standard Service |
<enterprise-beans>
<session id="Session_enterpriseservice">
<ejb-name>enterpriseservice</ejb-name>
<home>psdi.iface.gateway.MEAGatewayHome</home>
<remote>psdi.iface.gateway.MEAGateway</remote>
<local-home>psdi.iface.gateway.MEAGatewayHomeLocal</local-home>
<local>psdi.iface.gateway.MEAGatewayLocal</local>
<ejb-class>psdi.iface.gateway.MEAGatewayBean</ejb-class>
<session-type>Stateless</session-type>
<transaction-type>Container</transaction-type>
<env-entry>
<env-entry-name>ALLOWDFLTLOGIN</env-entry-name>
<env-entry-type>java.lang.String</env-entry-type>
<env-entry-value>0</env-entry-value>
</env-entry>
<security-role-ref>
<description>
Application Users
</description>
<role-name>maximouser</role-name>
<role-link>maximouser</role-link>
</security-role-ref>
</session>
<session id="Session_mosservice">
<ejb-name>mosservice</ejb-name>
<home>psdi.iface.mos.MOSServiceHome</home>
<remote>psdi.iface.mos.MOSServiceRemote</remote>
<local-home>psdi.iface.mos.MOSServiceHomeLocal</local-home>
<local>psdi.iface.mos.MOSServiceLocal</local>
<ejb-class>psdi.iface.mos.MOSServiceBean</ejb-class>
<session-type>Stateless</session-type>
<transaction-type>Container</transaction-type>
<env-entry>
<env-entry-name>ALLOWDFLTLOGIN</env-entry-name>
<env-entry-type>java.lang.String</env-entry-type>
<env-entry-value>0</env-entry-value>
</env-entry>
<security-role-ref>
<description>
Application Users
</description>
<role-name>maximouser</role-name>
<role-link>maximouser</role-link>
</security-role-ref>
</session>
<session id="Session_actionservice">
<ejb-name>actionservice</ejb-name>
<home>psdi.iface.action.MAXActionServiceHome</home>
<remote>psdi.iface.action.MAXActionServiceRemote</remote>
<local-home>psdi.iface.action.MAXActionServiceHomeLocal</local-home>
<local>psdi.iface.action.MAXActionServiceLocal</local>
<ejb-class>psdi.iface.action.MAXActionServiceBean</ejb-class>
<session-type>Stateless</session-type>
<transaction-type>Container</transaction-type>
<env-entry>
<env-entry-name>ALLOWDFLTLOGIN</env-entry-name>
<env-entry-type>java.lang.String</env-entry-type>
<env-entry-value>0</env-entry-value>
</env-entry>
<security-role-ref>
<description>
Application Users
</description>
<role-name>maximouser</role-name>
<role-link>maximouser</role-link>
</security-role-ref>
</session>
Client programs call the secure version of the enterprise bean methods for each service type:
Properties env = new Properties();
.
.
.
if(userid != null && password != null)
{
env.put(Context.SECURITY_CREDENTIALS, password);
env.put(Context.SECURITY_PRINCIPAL, userid);
}
Context ctx = new IntialContext(env);
//instead of using the default IntialContext() constructor
–Djava.naming.security.principal=<username>
–Djava.naming.security.credentials=<password>
The SSL version of the Internet Inter-ORB protocol performs data encryption in the provider URL, while the system communicates with the enterprise bean.