2.5. Security References

Both Enterprise Java Beans (EJBs) and servlets can declare one or more <security-role-ref> elements.

Figure 2.1. Security Roles Reference Model

This element declares that a component passes the value of the <role-name> element (of type role-nameType) as the argument to the isCallerInRole(String) method. By calling isCallerInRole, a component can verify whether the caller is in a role that has been declared with a <security-role-ref> or <role-name> element. The <role-name> element value must link to a <security-role> element through the <role-link> element. The typical use of isCallerInRole is to perform a security check that cannot be defined by using the role-based <method-permission> elements.

Example 2.2. ejb-jar.xml descriptor fragment

  <!-- A sample ejb-jar.xml fragment -->


This fragment is an example only. In deployments, the elements in this section must contain role names and links relevant to the EJB deployment.
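The following is an added example, not part of the original guide, showing a check that per-method permissions cannot express because it depends on an argument value. The bean, the role names Approver and FinanceManager, and the limit are hypothetical; it assumes the javax.ejb API with the EJB 3.1 no-interface view.

```java
// Added example: bean, role names and limit are hypothetical, not from the guide.
// Assumed matching ejb-jar.xml entries (constructed):
//   <session>
//     <ejb-name>ExpenseApprovalBean</ejb-name>
//     <security-role-ref>
//       <role-name>Approver</role-name>        (name the code passes in)
//       <role-link>FinanceManager</role-link>  (a declared <security-role>)
//     </security-role-ref>
//   </session>
//   <assembly-descriptor>
//     <security-role><role-name>FinanceManager</role-name></security-role>
//   </assembly-descriptor>
import java.math.BigDecimal;
import javax.annotation.Resource;
import javax.ejb.EJBAccessException;
import javax.ejb.SessionContext;
import javax.ejb.Stateless;

@Stateless(name = "ExpenseApprovalBean")
public class ExpenseApprovalBean {

    // Coded role name; resolved to FinanceManager through <role-link>.
    private static final String APPROVER_ROLE_REF = "Approver";
    private static final BigDecimal SELF_APPROVAL_LIMIT = new BigDecimal("500.00");

    @Resource
    private SessionContext ctx;

    /** Approves an expense; amounts above the limit need the Approver role. */
    public String approve(String expenseId, BigDecimal amount) {
        if (expenseId == null || expenseId.isEmpty()
                || amount == null || amount.signum() <= 0) {
            throw new IllegalArgumentException("expense id and positive amount required");
        }
        String caller = ctx.getCallerPrincipal().getName();
        // The rule depends on an argument value, so a per-method
        // permission in the descriptor cannot express it.
        boolean needsApprover = amount.compareTo(SELF_APPROVAL_LIMIT) > 0;
        if (needsApprover && !ctx.isCallerInRole(APPROVER_ROLE_REF)) {
            // Fail closed: deny and name only the caller, not the role mapping.
            throw new EJBAccessException(
                    "caller " + caller + " may not approve expense " + expenseId);
        }
        return "expense " + expenseId + " approved by " + caller;
    }
}
```

Because the code refers only to the Approver reference name, the deployer can relink it to a different application role in the descriptor without changing or recompiling the bean.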

Example 2.3. web.xml descriptor fragment