Using constraints to model roles
Status: Inactive
Brought to you by:
mattes3
Menu
▾
▴
#16 Using constraints to model roles
Hi,
We need a way of adding secuirty roles to operations. I
think they should be modelled by a constraint in a
sequence diagram.
This would mean searching all the sequence diagrams for
each operation and filtering out the contraints.
Issues:
1) Operation is not mentioned in any sequence diagram.
We should allow any user to access this operation.
2) Operation is mentioned in sequence diagram(s) but no
role contraints are attached. We should allow any user
access to this operation
3) Operation is mentioned in more than sequence
diagram, however, role constraints are not applied to
all the operations or the constraints suggest differing
roles. This should be flagged as an error and the
developer advised of the problem.
What do you think....
Alan
Logged In: YES
user_id=191162
Oops forgot to say that the constraint would be used
generate a @ejb:permission tag with the role-name property
set to the contents of the constraint.
Perhaps we could use the unchecked property in the event of
no constraint being set in ejb 2.0