With EJBs, the container is implemented by what is commonly called an application server. Application server vendors and development groups may add additional services above and beyond the EJB specification and have some discretion on how services are implemented, but in order to be compliant, they must provide a core set of services as follows:
These services and some background information on how they may be implemented are discussed in the following sections.
EJB application servers must implement a specific role-based security model and must provide a role reference facility that allows a role reference name to be established for the role. Role permissions ...