Cristi Cioriia [http://community.jboss.org/people/cristi_cioriia] created the discussion "Why IsCallerInRole returns true when no DeclaresRole is defined?" To view the discussion, visit: http://community.jboss.org/message/589583#589583 -------------------------------------------------------------- Hi guys, I have the following situation in my code as described above: I have an interceptor class that intercept a stateless EJB A and contains some code like this: this.sessionContext.isCallerInRole("CONTRACT_" + getId()); //returns true A user role looks like "CONTRACT_1" and is assigned to the user by the login module. This interceptor intercepts an EJB that does NOT use @DeclaresRoles to declare any role. I am wandering how does this work since the annotation @DeclaresRoles is used specifically to define the roles that can be used in  a isCallerInRole() call? Why doesn't this call return false? I am using JBOSS 4.2.3. I am trying to understand how this works especially because I am trying to test my EJBs with OpenEJB, which fails on the line mentioned above if I do not define the role for the EJB with @DeclaresRoles. If I do(by hardcoding the return value in the getId()  method), then it works in OpenEJB too, so I am trying to see how  JBOSS handled the situation so that I maybe adapt it to my test case. Thanks for your help. -------------------------------------------------------------- Reply to this message by going to Community [http://community.jboss.org/message/589583#589583] Start a new discussion in EJB3 at Community [http://community.jboss.org/choose-container!input.jspa?contentType=1&...]