Which two, taken in combination, are appropriate to accomplish this?

A developer implements a session bean with a method doStuff which behaves differently
depending on the caller’s security role. Only users in security roles “ADMIN” and “USER” are
allowed to call the method. Assume that there is no security-related metadata in the deployment
descriptor. Which two, taken in combination, are appropriate to accomplish this? (Choose two.)

A developer implements a session bean with a method doStuff which behaves differently
depending on the caller’s security role. Only users in security roles “ADMIN” and “USER” are
allowed to call the method. Assume that there is no security-related metadata in the deployment
descriptor. Which two, taken in combination, are appropriate to accomplish this? (Choose two.)

A.
Annotate method doStuff with @PermitAII.

B.
AnnotatemethoddoStuff with@RolesAllowed({“ADMIN”,”USER”})

C.
If EJBContext.getCallerPrincipal returns role “ADMIN”, implement thebehaviorfor users in role
ADMIN.

D.
If EJBContext.isCallerlnRole(“ADMIN”) returns true, implement the behavior defined for users in
role “ADMIN”.



Leave a Reply 0

Your email address will not be published. Required fields are marked *