Service method A(), implemented in a session bean, performs a highly sensitive operation. This
operation must be available in limited ways to low-privilege users to support a low-sensitivity
operation B(). Which approach addresses the requirements most securely?
A.
Mark the method A() as accessible to all necessary roles
B.
Mark the method A() as accessible to all appropriate roles, and use the programmatic
security model to impose the necessary additional restrictions
C.
Mark the method A() as accessible to all appropriate roles, and use the deployment descriptor
to indicate the conditions under which each role can invoke the high priority method
D.
Mark method A() as accessible only to a special role, then use a run-as element to invoke A()
from B(); before making the call to A(), B() checks that conditions are appropriate for the call