Is it possible to configure an MDB so that when it calls a session bean, there are two (or more) roles associated with the session context.
The reason for this is that I have a bunch of session beans that are called directly or indirectly from a message driven bean's onMessage() function. These session beans have methods that are annotated with one of three roles, @RolesAllowed("readonly"), @RolesAllowed("readwrite") or @RolesAllowed("admin").
These annotations work fine for user interactions as the users (when they login) have a set of roles that is either ["readonly"], ["readonly","readwrite"] or ["readonly","readwrite","admin"].
What I need with my MDB is to have two roles in the session context when the session bean is called, ["readonly","readwrite"].
Yes, I could go and change all of the @RolesAllowed() annotations so that