• Khi bạn muốn tạo chọn tin nhắn. Một chọn tin nhắn được thiết kế để chỉ những thông điệp cụ thể, do đó làm cho nó có thể sử dụng đậu thông điệp theo định hướng như gây nên. | SUMMARY 199 Handling EIS Access Authorization An application component provider relies on both the container and the EIS for authorizing access to EIS data and functions. The application component provider specifies security requirements for application components declaratively in a deployment descriptor. A set of security roles and method permissions can be used to authorize access to methods on a component. For example an application component provider declaratively specifies the PurchaseManager role as the only security role that is granted permission to call the purchase method on a Purchaseorder enterprise bean. The purchase method in turn drives its execution through an ERP logistics application by issuing a purchase requisition. In effect this application has authorized only end-users with the PurchaseManager role to do a purchase requisition. This is the recommended authorization model. An application component provider can also programmatically control access to enterprise information system data and functions based on the principal or role associated with the client who initiated the operation. For example the EJB specification allows component code to invoke getCallerPrincipal and isCallerlnRole to get the caller s security context. An application component provider can use these two methods to perform security checks that cannot be expressed declaratively in the deployment descriptor. An application can also rely on an enterprise information system to do access control based on the security context under which a connection to the enterprise information system has been established. For example if all users of an application connect to the database as dbUser then a database administrator can set explicit permissions for dbUser in the database security domain. The database administrator can deny dbUser permission to execute certain stored procedures or to access certain tables. Summary This chapter has described designs and guidelines for .