Question given on HeadFirst book on page number 598.
Question :- Within the <Secuirty-role-ref> deployment desciptor element which sub element are optional ?
A) <Role-name> B) <role-link> C) <description> d) None of the above
I thought the correct answer is "C" ...but in the answer it's given "B" and "C"...and explaination given for "B" is "Usually defined by the application assembler".
Role Name under the <security-role-ref> tag is defined by the Bean Provider whereas the <role-link> is usually defined by the application assembler so, while making ejb-jar.xml file, its not mandatory to fill up the <role-link> tag. Sometime time afterwards, this <role-link> can be added to the DD by Application Assembler.
It seems Question was tricky ,as it's not mentioned in Question from whose point of view it's optional like from bean provider or appplication assembler.
From what I understand, <role-link> is not really required very often. It's only REALLY needed if there is a naming clash between what one bean producer created and another created. This is because instead of <role-link>, the AA can just re-use whatever the bean producer created in <security-role-ref>, and it will work.
--Dale--
See where your hand is? Not there. It's next to this tiny ad:
