This topic has not yet been written. The content below is from the topic description.
Figure 1.4. The element [Image http://docs.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/5/html/Security_Guide/images/j2ee_method_permission.jpg] Each element contains one or more child elements. defines the logical roles that are allowed to access the EJB methods as identified by child elements. You can also specify an element instead of the element to declare that any authenticated user can access the methods identified by method child elements. In addition, you can declare that no one should have access to a method that has the exclude-list element. If an EJB has methods that have not been declared as accessible by a role using a element, the EJB methods default to being excluded from use. This is equivalent to defaulting the methods into the exclude-list.