Tuesday, November 13, 2018

@DeclareRoles annotation in EJB

@DeclareRoles annotation in EJB is used to declare Security Roles Referenced from the Bean’s Code.

The Bean Provider is responsible for using the DeclareRoles annotation or the security-role-ref elements of the deployment descriptor to declare all the security role names used in the enterprise bean code. The DeclareRoles annotation is specified on a bean class, where it serves to declare roles that may be tested by calling isCallerInRole from within the methods of the annotated class. Declaring the security roles allows the Bean Provider, Application Assembler, or Deployer to link these security role names used in the code to the security roles defined for an assembled application. In the absence of this linking step, any security role name as used in the code will be assumed to correspond to a security role of the same name.

Example:

@Stateless
@DeclareRoles("user")
public class I88CaBean{
  //...
}


@Stateless
@DeclaresRoles({"A", "B"})
public class TestEJB implements Test {
//...
}