Chapter 7. EJB Security

In this chapter, we will cover:

  • Creating the SecurityApplication
  • Configuring the server to handle security
  • Understanding and declaring roles
  • Controlling security using declarations
  • Propagating identity
  • Controlling security programmatically


Security is an important aspect of many applications. Central to EJB security is the control of access to classes and methods. There are two approaches to controlling access to EJBs. The first, and the simplest, is through the use of declarative annotations to specify the types of access permitted. The second approach is to use code to control access to the business methods of an EJB. This second approach should not be used unless the declarative approach does not meet the needs ...

Get EJB 3.1 Cookbook now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.