...
- Allow only logged in users in the "committer" role to invoke 'svnCommit'.
- Allow only logged in users in the "contributor" role to invoke 'submitPatch'.
- Allow anyone logged in or not to invoke 'svnCheckout'.
- Allow no one logged in or not to invoke 'deleteProject'.
Illegal Usage
Generally, security restrictions cannot be made on AroundInvoke methods and most callbacks.
The following usages of @RolesAllowed have no effect.
Code Block |
---|
@Stateful
@DecalredRoles({"committer"})
public class MyStatefulBean implements MyBusinessInterface {
@PostConstruct
@RolesAllowed({"committer"})
public void constructed(){
}
@PreDestroy
@RolesAllowed({"committer"})
public void destroy(){
}
@AroundInvoke
@RolesAllowed({"committer"})
public Object invoke(InvocationContext invocationContext) throws Exception {
return invocationContext.proceed();
}
@PostActivate
@RolesAllowed({"committer"})
public void activated(){
}
@PrePassivate
@RolesAllowed({"committer"})
public void passivate(){
}
}
|