Using the @RunAs Annotation (The Java EE 5 Tutorial)

The Java EE 5 Tutorial

Previous: Using the @DeclareRoles Annotation
Next: Declaring Security Requirements in a Deployment Descriptor

Using the `@RunAs` Annotation

The @RunAs annotation defines the role of the application during execution in a Java EE container. It can be specified on a class, allowing developers to execute an application under a particular role. The role must map to the user/group information in the container’s security realm. The value element in the annotation is the name of a security role of the application during execution in a Java EE container. The use of the @RunAs annotation is discussed in more detail in Propagating Security Identity.

The following is an example that uses the @RunAs annotation:

@RunAs("Admin")
public class CalculatorServlet {
@EJB private ShoppingCart myCart;
    public void doGet(HttpServletRequest, req, HttpServletResponse res) {
        //....
        myCart.getTotal();
        //....
    }
}
//....
}

The @RunAs annotation is equivalent to the run-as element in the deployment descriptor.

Previous: Using the @DeclareRoles Annotation
Next: Declaring Security Requirements in a Deployment Descriptor