when i check the Caller and isCallerinRole in side a EJB method that is annoated with @RolesAllowed("businessowner") which means EJB sessionContext has the security info but not being verified by @RolesAllowed?
@RolesAllowed("businessowner")
Public List getMembers(){
// Create the client
System.out.println("Caller : " + sctx.getCallerPrincipal().getName());
System.out.println("Caller is in Role : " + sctx.isCallerInRole(Roles.BUSINESS));
}
it prints out this
22:43:15,656 INFO [STDOUT] Caller : admin
22:43:15,687 INFO [STDOUT] Caller is in Role : false
22:43:15,656 INFO [STDOUT] Caller : admin
22:43:15,687 INFO [STDOUT] Caller is in Role : false