So far, I’ve left the details of method permissions, as well as roles and transactions, out of deployment discussions, primarily to avoid confusing an already complex set of issues. With the coding in this book done, though, it’s time to circle back around and deal with these issues, as they complete the Forethought deployment descriptors.

First, realize that all these options exist within the assembly-descriptor element, which itself exists as a child of the root element in the descriptor, ejb-jar. It should follow right after the enterprise-beans element. This is all basic information, though, so I won’t dwell on it; I assume you can use your server’s tools and DTDs to determine the basics of the XML formatting. You should also realize that the entire assembly-descriptor element is optional in a deployment descriptor. That said, the only good reason for leaving the assembly-descriptor out is the case where you are developing beans, but someone else in your organization is actually deploying your beans. In other words, no application should have deployed beans (in production) without assembly descriptors for those beans.