Question given on HeadFirst book on page number 598.

Question :- Within the <Secuirty-role-ref> deployment desciptor element which sub element are optional ?

A) <Role-name>
B) <role-link>
C) <description>
d) None of the above

I thought the correct answer is "C" ...but in the answer it's given "B" and "C"...and explaination given for "B" is "Usually defined by the application assembler".

It's little consfusing...Why "B" is correct..

James

Hi James,

Role Name under the <security-role-ref> tag is defined by the Bean Provider whereas the <role-link> is usually defined by the application assembler so, while making ejb-jar.xml file, its not mandatory to fill up the <role-link> tag. Sometime time afterwards, this <role-link> can be added to the DD by Application Assembler.

Hope this answers your question.

Thanks
Lalit

Lalit Thanks for reply.

It seems Question was tricky ,as it's not mentioned in Question from whose point of view it's optional like from bean provider or appplication assembler.

Thanks for reply.

James

From what I understand, <role-link> is not really required very often. It's only REALLY needed if there is a naming clash between what one bean producer created and another created. This is because instead of <role-link>, the AA can just re-use whatever the bean producer created in <security-role-ref>, and it will work.

--Dale--