File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes EJB Certification (SCBCD/OCPJBCD) and the fly likes @RolesAllowed Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Certification » EJB Certification (SCBCD/OCPJBCD)
Bookmark "@RolesAllowed" Watch "@RolesAllowed" New topic
Author

@RolesAllowed

mallika shah
Ranch Hand

Joined: May 11, 2006
Posts: 164
@RolesAllowed("admin")
public class SomeClass {
public void aMethod () {...}
public void bMethod () {...}
...
}

@Stateless public class MyBean implements A extends SomeClass {
@RolesAllowed("HR")
public void aMethod () {...}

public void cMethod () {...}
...
}

which role would be allowed for aMethod() ?? both admin and HR , or will HR override admin and the only role allowed for aMethod() would be admin ??

thanks,
mallika
Christophe Verré
Sheriff

Joined: Nov 24, 2005
Posts: 14687
    
  16

Method permission on a method overrides the permission set on the class. So HR overrides admin.


[My Blog]
All roads lead to JavaRanch
mallika shah
Ranch Hand

Joined: May 11, 2006
Posts: 164
thanks Christophe,
one thing more which i would like to clear is

what if it was like this..

public class SomeClass {
@RolesAllowed("admin")
public void aMethod () {...}
public void bMethod () {...}
...
}

@Stateless public class MyBean implements A extends SomeClass {
@RolesAllowed("HR")
public void aMethod () {...}

public void cMethod () {...}
...
}

would HR still overwrite admin, or MyBean being a subclass of Someclass will have HR and admin both roles allowed for aMethod() ??

thanks,
mallika
Christophe Verré
Sheriff

Joined: Nov 24, 2005
Posts: 14687
    
  16

HR still overwrites admin.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: @RolesAllowed
 
Similar Threads
Applying security annotations to the interface of the bean ?
@RunAS
Security question: @RolesAllowed
Security for MDB
@RunAs Application