File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes EJB and other Java EE Technologies and the fly likes EJB Security Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » EJB and other Java EE Technologies
Bookmark "EJB Security" Watch "EJB Security" New topic

EJB Security

saqib rashids

Joined: Mar 31, 2013
Posts: 6
I have a question regarding EJB3.1 security. If I apply @DenyAll at bean class level, and @RolesAllowed("xyz") on a method aMethod in the same class. Will @RolesAllowed applied on method override the @DenyAll applied on the class level, i.e. Will a client in role "xyz" be able to call aMethod??
Jaikiran Pai

Joined: Jul 20, 2005
Posts: 10441

Yes, that's correct - the method level annotation will override what's set at class level.

[My Blog] [JavaRanch Journal]
I agree. Here's the link:
subject: EJB Security
It's not a secret anymore!