Given a security-related deployment descriptor tag, identify correct and incorrect statements and code related to that tag.


The following example illustrates security role definitions (made by the Application Assembler) in a deployment descriptor:


<assembly-descriptor>

	<security-role>
		<description>
			This role includes the employees of the
			enterprise who are allowed to access the
			employee self-service application. This role
			is allowed only to access his/her own
			information.
		</description>
		<role-name>employee</role-name>
	</security-role>

	<security-role>
		<description>
			This role includes the employees of the human
			resources department. The role is allowed to
			view and update all employee records.
		</description>
		<role-name>hr-department</role-name>
	</security-role>

	<security-role>
		<description>
			This role includes the employees of the payroll
			department. The role is allowed to view and
			update the payroll entry for any employee.
		</description>
		<role-name>payroll-department</role-name>
	</security-role>

	<security-role>
		<description>
			This role should be assigned to the personnel
			authorized to perform administrative functions
			for the employee self-service application.
			This role does not have direct access to
			sensitive employee and payroll information.
		</description>
		<role-name>admin</role-name>
	</security-role>

</assembly-descriptor>

					

The following example illustrates how an enterprise bean's references to security roles are declared in the deployment descriptor (defined by the Bean Provider):


<enterprise-beans>
	...
	<entity>
		<ejb-name>AardvarkPayroll</ejb-name>
		<ejb-class>com.aardvark.payroll.PayrollBean</ejb-class>
		...
		<security-role-ref>
			<description>
				This security role should be assigned to the
				employees of the payroll department who are
				allowed to update employees' salaries.
			</description>
			<role-name>payroll</role-name>
		</security-role-ref>
		...
	</entity>
	...
</enterprise-beans>

					
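The deployment descriptor above indicates that the enterprise bean AardvarkPayroll performs a security check by calling isCallerInRole("payroll") in its business method. The role-name in the security-role-ref element is the name the bean code passes to isCallerInRole.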

The following deployment descriptor example shows how the Application Assembler links the security role reference named payroll to the security role named payroll-department:


<entity>
	<ejb-name>AardvarkPayroll</ejb-name>
	<ejb-class>com.aardvark.payroll.PayrollBean</ejb-class>
	...
	<security-role-ref>
		<description>
			This role should be assigned to the
			employees of the payroll department.
			Members of this role have access to
			anyone's payroll record.
			The role has been linked to the
			payroll-department role.
		</description>
		<role-name>payroll</role-name>
		<role-link>payroll-department</role-link>
	</security-role-ref>
	...
</entity>

					

The following example illustrates how security roles are assigned method permissions (by the Application Assembler) in the deployment descriptor:


<assembly-descriptor>
	<method-permission>
		<role-name>employee</role-name>
		<method>
			<ejb-name>EmployeeService</ejb-name>
			<method-name>*</method-name>
		</method>
	</method-permission>

	<method-permission>
		<role-name>employee</role-name>
		<method>
			<ejb-name>AardvarkPayroll</ejb-name>
			<method-name>findByPrimaryKey</method-name>
		</method>
		<method>
			<ejb-name>AardvarkPayroll</ejb-name>
			<method-name>getEmployeeInfo</method-name>
		</method>
		<method>
			<ejb-name>AardvarkPayroll</ejb-name>
			<method-name>updateEmployeeInfo</method-name>
		</method>
	</method-permission>

	<method-permission>
		<role-name>payroll-department</role-name>
		<method>
			<ejb-name>AardvarkPayroll</ejb-name>
			<method-name>findByPrimaryKey</method-name>
		</method>
		<method>
			<ejb-name>AardvarkPayroll</ejb-name>
			<method-name>getEmployeeInfo</method-name>
		</method>
		<method>
			<ejb-name>AardvarkPayroll</ejb-name>
			<method-name>updateEmployeeInfo</method-name>
		</method>
		<method>
			<ejb-name>AardvarkPayroll</ejb-name>
			<method-name>updateSalary</method-name>
		</method>
	</method-permission>

	<method-permission>
		<role-name>admin</role-name>
		<method>
			<ejb-name>EmployeeServiceAdmin</ejb-name>
			<method-name>*</method-name>
		</method>
	</method-permission>
</assembly-descriptor>

					

The following example illustrates the definition of a security-identity element in the deployment descriptor (by the Application Assembler):


<enterprise-beans>

	<entity>
		<ejb-name>Account</ejb-name>
		...
		<security-identity>
			<description>security description</description>
			<run-as>
				<description>role 'accountRole' description</description>
				<role-name>accountRole</role-name> 
			</run-as>
		</security-identity>
	</entity>

	<entity>
		<ejb-name>Customer</ejb-name>
		...
		<security-identity>
			<use-caller-identity/> 
		</security-identity>
	</entity>

</enterprise-beans>

					
NOTE: use-caller-identity cannot be used for message-driven beans.
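
The role names in these elements only work when they line up across the descriptor, so a consistency check is useful before deployment. The following Python script is an added example, not part of the original tutorial: it checks an assembled descriptor for role-link, run-as and method-permission names that match no declared security-role, and for use-caller-identity on a message-driven bean. The sample descriptor is constructed for illustration; the bean name PayrollListener and the misspelled role payroll-dept are assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed ejb-jar.xml fragment reusing the page's names, with three
# deliberate mistakes (PayrollListener and payroll-dept are made up).
SAMPLE = """<ejb-jar><enterprise-beans>
  <entity><ejb-name>AardvarkPayroll</ejb-name>
    <security-role-ref>
      <role-name>payroll</role-name><role-link>payroll-dept</role-link>
    </security-role-ref>
  </entity>
  <message-driven><ejb-name>PayrollListener</ejb-name>
    <security-identity><use-caller-identity/></security-identity>
  </message-driven>
</enterprise-beans><assembly-descriptor>
  <security-role><role-name>payroll-department</role-name></security-role>
  <security-role><role-name>employee</role-name></security-role>
  <method-permission><role-name>hr-department</role-name>
    <method><ejb-name>AardvarkPayroll</ejb-name><method-name>*</method-name></method>
  </method-permission>
</assembly-descriptor></ejb-jar>"""

def check_descriptor(xml_text):
    """Return (location, problem) pairs for role names that do not line up."""
    root = ET.fromstring(xml_text)
    # iter() matches the exact tag, so security-role-ref is not picked up here
    declared = {r.findtext("role-name", "").strip() for r in root.iter("security-role")}
    findings = []
    beans = root.find("enterprise-beans")
    for bean in (list(beans) if beans is not None else []):
        name = bean.findtext("ejb-name", "?").strip()
        # A role reference used with isCallerInRole() must link to a declared role
        for ref in bean.findall("security-role-ref"):
            link = ref.findtext("role-link")
            if link is None:
                findings.append((name, "security-role-ref without role-link"))
            elif link.strip() not in declared:
                findings.append((name, f"role-link '{link.strip()}' is not declared"))
        ident = bean.find("security-identity")
        if ident is None:
            continue
        if bean.tag == "message-driven" and ident.find("use-caller-identity") is not None:
            findings.append((name, "use-caller-identity on a message-driven bean"))
        run_as = ident.findtext("run-as/role-name")
        if run_as is not None and run_as.strip() not in declared:
            findings.append((name, f"run-as role '{run_as.strip()}' is not declared"))
    # Roles that are granted method permissions must be declared as well
    for perm in root.iter("method-permission"):
        for role in perm.findall("role-name"):
            granted = (role.text or "").strip()
            if granted not in declared:
                findings.append(("method-permission", f"role '{granted}' is not declared"))
    return findings
```

The check treats the file as the Application Assembler's finished descriptor, so a security-role-ref that has no role-link yet (as in the Bean Provider example above) is reported as well.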

Visit http://java.boot.by for the updates.

Posted on: April 18, 2011