Creating the Permission Class for the EJB Methods

Use

The next step in specifying which activities are to be protected with authorizations is to create a permission class to use for the EJB methods.

For your permission class, you will extend the pre-defined ActionPermission class. You will use this class to differentiate between the actions for viewing, creating, and canceling reservations for the different car types.

For more information about the types of permission classes available, see Permission Class for Your Application.

Prerequisites

The J2EE perspective is displayed in the SAP NetWeaver Developer Studio.

The quick car rental application’s projects are displayed in the J2EE Explorer.

Procedure

...

       1.      Select the J2EE_QuickCarRentalEjb project, open the context menu with the right mouse button and choose New  ® Java Class…

The New Java Class dialog appears.

       2.      Enter com.sap.engine.examples.ejb.quickcarrental in the Package: field.

       3.      Enter QuickReservationEjbPermission in the Name: field.

       4.      Enter com.sap.security.api.permissions.ActionPermission in the Superclass field (or use the Browse... function).

       5.      For the method stubs, select Constructors from superclass and Inherited abstract methods. See the figure below.

       6.      Choose Finish to continue.

The Developer Studio creates the QuickReservationEjbPermission, which extends the ActionPermissionclass.

       7.      Change the arguments (arg0, arg1) for the QuickReservationEjbPermission to cartype and action.

       8.      Delete the // TODO Auto-generated constructor stub line.

       9.      Save the file.

Result

The Java class QuickReservationPermission is created. See the code sample below.

package com.sap.engine.examples.ejb.quickcarrental;

import com.sap.security.api.permissions.ActionPermission;

public class QuickReservationEjbPermission extends ActionPermission {

   /**
    
* @param cartype
  
 * @param action
    
*/

  
public QuickReservationEjbPermission(String cartype, String action) {
     
super(cartype, action);
   }
}

Next Step:

Obtaining the User ID from the Context