Howdy Ranchers!
Should I be able to execute Principal#isCallerInRole("test")
without @DeclareRoles if I have a
<security-role> defined in my ejb-jar.xml file?
Just take a look at these examples:
1. No ejb-jar.xml.
Exception - I can't use isCallerInRole(-) if I didn't use @DeclareRoles.
2. No ejb-jar.xml.
Ok - works fine - I've declared "test" role and can use isCallerInRole("test").
3. With ejb-jar.xml
and
EJB:
Exception - just like in first case. What's different - now I have a security role "test" defined in my DD. I don't want to use @DeclareRoles once more. Should I be able to achieve it?
4. With ejb-jar.xml
and EJB:
Works fine! It works when I explicitly define a security-role-link, but I doesn't work with just the security-role defined.
I'm surprised
I've always thought that if there is no security-role-link, the container will try to find the role with the exact name as looked.
Is this the desired behaviour?
Thanks in advance!
Cheers!