How do I find out programmatically which other methods can be called on a session bean by an authenticated user from in a bean method? On the session bean I have created a method which is supposed to return a list of the methods accessible on the bean (simplified): @PermitAll public String[] getAllowedMethods() { ... } In this method I'm trying to iterate through the methods on the session bean checking to see if the caller has permission to access each one. I want to return a list of the accessible methods to the client. After a week of exploring, searching on forums and trying out code I cannot find a way to do this. I could find no methods which give me access to this metadata from the bean so I've tried querying the annotations myself from a static class reference to the actual Session Bean (MySessionBean.class) but the annotations come back as proxies and code reports there are no @Remote, @RolesAllowed etc. annotations on the class I have a reference to, so I presume the ClassLoader is returning me a bean proxy. I've looked at SessionContext, EJBHome, EJBMetaData seeking this security information about EJB methods but to no avail. All I have is a suspicion that the information I am looking for is available to interceptors. Anyone know how to query bean methods for roles allowed at runtime? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3962286#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...