This week's book giveaway is in the Big Data forum.
We're giving away four copies of Elasticsearch in Action and have Radu Gheorghe & Matthew Lee Hinman on-line!
See this thread for details.
The moose likes EJB and other Java EE Technologies and the fly likes EJB Security Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Elasticsearch in Action this week in the Big Data forum!
JavaRanch » Java Forums » Java » EJB and other Java EE Technologies
Bookmark "EJB Security" Watch "EJB Security" New topic

EJB Security

saqib rashids

Joined: Mar 31, 2013
Posts: 6
I have a question regarding EJB3.1 security. If I apply @DenyAll at bean class level, and @RolesAllowed("xyz") on a method aMethod in the same class. Will @RolesAllowed applied on method override the @DenyAll applied on the class level, i.e. Will a client in role "xyz" be able to call aMethod??
Jaikiran Pai

Joined: Jul 20, 2005
Posts: 10394

Yes, that's correct - the method level annotation will override what's set at class level.

[My Blog] [JavaRanch Journal]
I agree. Here's the link:
subject: EJB Security