Creating the Permission Class for the EJB Methods


The next step in specifying which activities are to be protected with authorizations is to create a permission class to use for the EJB methods.

For your permission class, you will extend the pre-defined ActionPermission class. You will use this class to differentiate between the actions for viewing, creating, and canceling reservations for the different car types.

For more information about the types of permission classes available, see Permission Class for Your Application.


The J2EE perspective is displayed in the SAP NetWeaver Developer Studio.

The quick car rental application’s projects are displayed in the J2EE Explorer.



       1.      Select the J2EE_QuickCarRentalEjb project, open the context menu with the right mouse button and choose New  ® Java Class…

The New Java Class dialog appears.

       2.      Enter in the Package: field.

       3.      Enter QuickReservationEjbPermission in the Name: field.

       4.      Enter in the Superclass field (or use the Browse... function).

       5.      For the method stubs, select Constructors from superclass and Inherited abstract methods. See the figure below.

       6.      Choose Finish to continue.

The Developer Studio creates the QuickReservationEjbPermission, which extends the ActionPermissionclass.

       7.      Change the arguments (arg0, arg1) for the QuickReservationEjbPermission to cartype and action.

       8.      Delete the // TODO Auto-generated constructor stub line.

       9.      Save the file.


The Java class QuickReservationPermission is created. See the code sample below.



public class QuickReservationEjbPermission extends ActionPermission {

* @param cartype
 * @param action

public QuickReservationEjbPermission(String cartype, String action) {
super(cartype, action);

Next Step:

Obtaining the User ID from the Context