Having the tag for MDB doesn't make any sense. Some verifiers may complain. Some do not. Also, because the DTD is common for all the bean types, even XML parsers ignore them when specified for MDB. All we need to make sure is that there is no isCallerInRole("XYZ") call in our MDBs.
Both should not because the DTD is common for all the bean types
But then I was just trying to understand why is that the point of not having Unchecked element for MDB is specified in HFEJB where as The point of not having security-role-ref for MDB is not specified anywhere.
So I thought one causes error at vaerifier level and other does not.
However if both dont, then my understanding is right.
Just keep in mind that security-role-ref does not make any sense for MDB and you generally won't specify it. The exam will not test you with questions like 'What error occurs when security-role-ref is specified as XYZ for a MDB?' Most of the gray areas from the spec are carefully avoided/questioned in the exam. So don't worry.