12.3.3. EJB Security Annotations
12.3.3.1. About EJB Security Annotations
EJBs use security annotations to pass information about security to the deployer. These include:
- @DeclareRoles
- Declares which roles are available.
- @SecurityDomain
- Specifies the security domain to use for the EJB. If the EJB is annotated for authorization with
@RolesAllowed
, authorization will only apply if the EJB is annotated with a security domain. - @RolesAllowed, @PermitAll, @DenyAll
- Specifies which method permissions are allowed. For information about method permissions, refer to Section 12.3.2.1, “About EJB Method Permissions”.
- @RolesAllowed, @PermitAll, @DenyAll
- Specifies which method permissions are allowed. For information about method permissions, refer to Section 12.3.2.1, “About EJB Method Permissions”.
- @RunAs
- Configures the propagated security identify of a component.
For more information, refer to Section 12.3.3.2, “Use EJB Security Annotations”.