role-link in DD optional ?

Hello Friends,
Suppose the bean provider has hard coded a security role in the business methods and in the <security-role-ref> section of the DD, he has specified a <role-name> but the application assembler does not specify a <role-link> to map the bean provider given security role to the abstract security role defined by the application assembler since the <role-link> section in the DD is optional.
What will happen if the role defined by the bean provider is not an abstract security role in the <assembly-descriptor> section of the DD? Any exceptions will be thrown or what might happen ?

Hi Reghu,
It's just my opinion, but I would bet for an error at deploy time (after all the deploy tool has all the information it needs to point the issue).
Cheers,
Phil.

Hi Phil,
Could you elaborate something about the deploy tools because i am not sure about how such an error can be reported ! Is it like when you are about to deploy the bean in some application server, the error will be generated or what ?
Thanks for your replies Phil,

Hi Reghu,

Is it like when you are about to deploy the bean in some application server, the error will be generated or what ?

Yes, it's what I meant.
Cheers,
Phil.

howdy, guys !!!
I have been asking exactly the same question some time ago
[EJB 2.0 Specs] Security Question. Oh-h-h, tough one
Nobody answered it
But my opinion is that it is optional for Bean Provider. But Application Assembler HAS TO define <role-link> for all references.
Other option [this is solely my own opinion] could be that EJB Container may ingnore references without links.
Would be fine to hear from some EJB GURU, or REAL EJB GIRL (Kathy, of course )