An enterprise bean has security permissions set up using declarative security features. Under
which two conditions can a client be guaranteed to have permission to invoke a business method
on the enterprise bean? (Choose two.)
A.
The Application Assembler has marked the enterprise bean methodasunchecked.
B.
The client’s principalhas beenassigned a securityrolewithpermissionto invokethe method.
C.
The Application Assembler has set the security-identity deployment descriptor to run-as.
D.
TheApplicationAssemblerhas mapped all security role references using the role-link element.