my dog learned polymorphism
The moose likes EJB and other Java EE Technologies and the fly likes EJB Security Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » EJB and other Java EE Technologies
Bookmark "EJB Security" Watch "EJB Security" New topic

EJB Security

saqib rashids

Joined: Mar 31, 2013
Posts: 6
I have a question regarding EJB3.1 security. If I apply @DenyAll at bean class level, and @RolesAllowed("xyz") on a method aMethod in the same class. Will @RolesAllowed applied on method override the @DenyAll applied on the class level, i.e. Will a client in role "xyz" be able to call aMethod??
Jaikiran Pai

Joined: Jul 20, 2005
Posts: 10441

Yes, that's correct - the method level annotation will override what's set at class level.

[My Blog] [JavaRanch Journal]
I agree. Here's the link:
subject: EJB Security
jQuery in Action, 3rd edition