Bean Provider has been asked to write a stateless session bean, MyBean with a single method
breakout. A System Administrator guarantees that all clients accessing the bean will be identified
by mutual SSL authentication. The Bean Provider’s task is to ensure that breakout always logs
identity information of the client that invoked it. Which solution would satisfy this requirement?
A.
Access the identity information in the X.509 certificate used to authenticate the user from within
breakout.
B.
Use the getCallerPrincipal method on an injected SessionContext to determine the required
information.
C.
Use the isCallerlnRole method on an injected SessionContext to determine the required
information.
D.
Ensure that the breakout method is appropriately annotated with @RolesAllowed.