Understanding and declaring roles

Roles are defined within an application in one of two ways: using the @DeclareRoles annotation and the @RolesAllowed annotation. In this recipe we will detail the @DeclareRoles annotation while the @RolesAllowed annotation will be introduced but developed further in the Controlling security using declarations recipe.

Getting ready

The two basic steps used to configure roles involve:

  1. Using the @DeclareRoles annotation to specify the roles used by the class
  2. Adding the @RolesAllowed annotation to restrict access to methods

    The @DeclareRoles annotation, as its name implies, declares the roles used by the application and is applied at the class level. That is, these are the roles to be used with the annotated EJB. The ...

Get EJB 3.1 Cookbook now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.