Security role references

Within an application, the isCallerInRole() method can be used to determine if the user of the application is defined to a given role. The method takes a security role reference as an argument, rather than a security role. The security role references coded in the bean are defined by the bean provider, and declared in the bean's deployment descriptor.

For more information, see Security roles in the deployment descriptor

Each security role reference is linked to a security role by the application assembler; the linkage is declared in the deployment descriptor for the bean. For example, the security role reference of administrator used within the bean's code might be linked, in the deployment descriptor, to the team_leader role.

For more information, see Security roles in the deployment descriptor