• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Question About Security Tag

 
Gowher Naik
Ranch Hand
Posts: 643
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
<assembly-descriptor>
<method-permission>
<role-name>admin</role-name>
<method>
<ejb-name>MyBean</ejb-name>
<method-name>*</method-name>
</method>
</method-permission>

<method-permission>
<unchecked/>
<method>
<ejb-name>MyBean</ejb-name>
<method-name>myMethod</method-name>
</method>
</method-permission>
</assembly-descriptor>

In above case will unchecked override admin role name?

Thanks
 
Satya Maheshwari
Ranch Hand
Posts: 368
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Quoting from Mikalai Notes:

The method permissions relation is defined as the union of all the method permissions defined in the individual method-permission elements.


Hence for your example, myMethod will have a union of admin and unchecked which would mean that it can be accessed by any role(though it is not actually overriding but a union of both method-permissions)
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic