Class: com.sybase.djc.ant.AccessControlProperty (Access Control Property) EAServer 6.3 Help
Description This property is used to configure port-based and role-based access control for a deployed component or package.
Configuration

Configuration is achieved using an XML (Ant) configuration script, such as the following: 

<project name="ejbjar-example-user">
  <import file="ant-config-tasks.xml"/>
  <target name="configure-user">
    <setProperties component="ejb.components.example.ShoppingCartRemote">
      <accessControl
        type="default"
        auditDeny="true"
        auditPermit="true"
        />
      <denyAccess roles="d1,d2"/>
      <permitAccess roles="p1,p2"/>
    </setProperties>
    <setProperties component="ejb.components.example.ProductCatalogRemote">
      <accessControl
        type="none"
        />
    </setProperties>
    <setProperties package="ejb.components.example">
      <accessControl
        type="default"
        auditDeny="false"
        auditPermit="false"
        />
    </setProperties>
  </target>
</project>
This example assumes the prior deployment of an EJB-JAR file named example.jar. The above script would be placed in file ejbjar-example-user.xml in the config directory of your EAServer installation. To run the script, assuming that the bin directory of your EAServer installation is in the PATH, you would use one of the the following commands: 
recompile ejbjar-example-user      (Windows)

recompile.sh ejbjar-example-user   (Unix / Linux)

Alternatively, the above script can be named sybase-ejbjar-config.xml and placed alongside ejb-jar.xml in the META-INF directory inside an EJB-JAR file (prior to deployment).

Notes:

  1. This property should be used together with the Deny Access Property or the Permit Access Property (or both).
  2. This property can be set at component or package level.
  3. This property can be used with web components, in which case it will supplement the security-constraint elements in WEB-INF/web.xml.
Nested Properties auditDeny, auditPermit, remoteOnly, type

Property: auditDeny (Audit Access Denied)
Description If "true", enables auditing whenever method access is denied. Audit records are written to the server log. Additionally, the security domain auditAccessDenied property must also be "true".
Only Used If Property type has the value "default".
Default Value false
Legal Values false, true

Property: auditPermit (Audit Access Permitted)
Description If "true", enables auditing whenever method access is permitted. Audit records are written to the server log. Additionally, the security domain auditAccessPermitted property must also be "true".
Only Used If Property type has the value "default".
Default Value false
Legal Values false, true

Property: remoteOnly (Remote Only)
Description If "true", this enables access control only for calls made through remote interfaces, i.e. it disables access control for calls made through local interfaces.
Only Used If Property type has the value "default".
Default Value false
Legal Values false, true

Property: type (Access Control Type)
Description
  • The value "default" specifies that port-based or role-based access control should be enforced according to the Deny Access and Permit Access properties.
  • The value "none" specifies that no port-based or role-based access control should be enforced. If "none" is specified, then the Deny Access and Permit Access properties will be ignored.
  • The value "jacc" specifies that policy-based access control should be enforced (see accessControlPolicy). If "jacc" is specified, then the Deny Access and Permit Access properties will be ignored. The necessary code generation for access control with JACC (Java™ Authorization Contract for Containers) is performed at deployment time.
Default Value default