Watch out for <unchecked/>

Think of <unchecked/> as standing in for a <role-name> in a method permission. But because of the way method permissions interact, if you have a method permission defined for a method using <unchecked/>, it won’t matter what other method permissions you set up for that method. One little <unchecked/> and it means the method is free for anyone to call, regardless of their principal or security role!

Method permissions with <unchecked/>

The <unchecked/> element overrides ALL other method permissions for a method.

How to deal with a bean that has two methods of the same name, but one is in the home interface and the other is in the component interface.

(Yes, we lied. There are actually four ways to describe a method: by wildcard (*), by name, by name and parameters, and by name and interface.)

<method>
    <ejb-name>WorldDomination</ejb-name>
    <method-intf>Remote</method-intf>
    <method-name>takeOver</method-name>
</method>

The value of <method-intf> must be one of these four:

<method-intf>Remote</method-intf>

<method-intf>Home</method-intf>

<method-intf>Local</method-intf>

<method-intf>LocalHome</method-intf>
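
A quick way to catch the <unchecked/> override described above before deployment is to scan the assembly descriptor for role-restricted methods that an <unchecked/> entry also covers. The script below is an added example, not code from the book; the role name EvilGenius and the sample descriptor are constructed, and it ignores <method-params>, so overloads are treated as one method.

```python
import xml.etree.ElementTree as ET

# Constructed sample descriptor; the role name EvilGenius is made up.
SAMPLE = """
<assembly-descriptor>
  <method-permission>
    <role-name>EvilGenius</role-name>
    <method>
      <ejb-name>WorldDomination</ejb-name>
      <method-intf>Remote</method-intf>
      <method-name>takeOver</method-name>
    </method>
    <method>
      <ejb-name>WorldDomination</ejb-name>
      <method-intf>Home</method-intf>
      <method-name>create</method-name>
    </method>
  </method-permission>
  <method-permission>
    <unchecked/>
    <method>
      <ejb-name>WorldDomination</ejb-name>
      <method-name>takeOver</method-name>
    </method>
  </method-permission>
</assembly-descriptor>
"""

def _methods(perm):
    """Yield (ejb-name, method-intf or None, method-name) per <method>."""
    for m in perm.findall("method"):
        intf = m.findtext("method-intf")
        yield (m.findtext("ejb-name").strip(), intf and intf.strip(),
               m.findtext("method-name").strip())

def _overlaps(a, b):
    """Same bean; names equal or wildcard; interfaces equal or unspecified."""
    return (a[0] == b[0] and (a[2] == b[2] or "*" in (a[2], b[2]))
            and (a[1] is None or b[1] is None or a[1] == b[1]))

def overridden_by_unchecked(xml_text):
    """Return role-restricted methods that an <unchecked/> entry opens up."""
    open_, restricted = [], []
    for p in ET.fromstring(xml_text).iter("method-permission"):
        roles = [r.text.strip() for r in p.findall("role-name")]
        target = open_ if p.find("unchecked") is not None else restricted
        target.extend((m, roles) for m in _methods(p))
    return [(m, roles) for m, roles in restricted
            if any(_overlaps(m, u) for u, _ in open_)]
```

Calling overridden_by_unchecked(SAMPLE) reports takeOver on the Remote interface, because the second permission names the method without a <method-intf> and so covers every interface; create is not reported.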
