This week's giveaway is in the Android forum.
We're giving away four copies of Android Security Essentials Live Lessons and have Godfrey Nolan on-line!
See this thread for details.
The moose likes EJB and other Java EE Technologies and the fly likes EJB Security Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Java » EJB and other Java EE Technologies
Bookmark "EJB Security" Watch "EJB Security" New topic

EJB Security

saqib rashids

Joined: Mar 31, 2013
Posts: 6
I have a question regarding EJB3.1 security. If I apply @DenyAll at bean class level, and @RolesAllowed("xyz") on a method aMethod in the same class. Will @RolesAllowed applied on method override the @DenyAll applied on the class level, i.e. Will a client in role "xyz" be able to call aMethod??
Jaikiran Pai

Joined: Jul 20, 2005
Posts: 9953

Yes, that's correct - the method level annotation will override what's set at class level.

[My Blog] [JavaRanch Journal]
I agree. Here's the link:
subject: EJB Security
Similar Threads
Spring Security - Method level Permission
@RunAs Application
Question regarding EJB Security
Applying security annotations to the interface of the bean ?