4 Replies Latest reply: Aug 11, 2012 12:11 AM by Stephen Coy RSS

@RolesAllowed, @DenyAll usage in web tier?

Patrick Garner Newbie

I'm looking at a table in the JEE 6 specification section EE.6.25 that seems to indicate that web containers must support the following annotations: @PermitAll, @DenyAll, @RolesAllowed, @DeclareRoles and @RunAs

 

EE.6.25 Common Annotations for the Java™ Platform 1.1 Requirements

 

The Common Annotations specification defines Java language annotations that are

used by several other specifications, including this specification. The specifications

that use these annotations fully define the requirements for these annotations. The

applet container need not support any of these annotations. All other containers

must provide definitions for all of these annotations, and must support the semantics

of these annotations as described in the corresponding specifications and

summarized in the following table.

 

Table EE.6-5 Common Annotations Support by Container

 

Annotation
App Client
WebEJB
ResourceYYY
ResourcesYYY
PostConstructYYY
PreDestroyYYY
GeneratedNNN
RunAsNYY
DeclareRolesNYY
RolesAllowedNYY
PermitAllNYY
DenyAllNYY




 

What kinds of objects can these @RolesAllowed and @DenyAll be used on in the web tier?  Can these annotations be used with managed beans?  If not, why not?