Which two, taken in combination, are appropriate to accomplish this?

A developer implements a session bean with a method doStuff which behaves differently
depending on the caller’s security role. Only users in security roles “ADMIN” and “USER” are
allowed to call the method. Assume that there is no security-related metadata in the deployment
descriptor. Which two, taken in combination, are appropriate to accomplish this? (Choose two.)

A developer implements a session bean with a method doStuff which behaves differently
depending on the caller’s security role. Only users in security roles “ADMIN” and “USER” are
allowed to call the method. Assume that there is no security-related metadata in the deployment
descriptor. Which two, taken in combination, are appropriate to accomplish this? (Choose two.)

A.
Annotate method doStuff with @PermitAII.

B.
Annotate method doStuff with @RolesAllowed({“ADMIN”,”USER”})

C.
If EJBContext.getCallerPrincipal returns role “ADMIN”, implement the behavior for users in role

ADMIN.

D.
If EJBContext.isCallerlnRole(“ADMIN”) returns true, implement the behavior defined for users in
role “ADMIN”.

Show Hint

Leave a Reply 0

Your email address will not be published. Required fields are marked *