This section uses a simple EJB ‘PrincipalTest’ to demonstrate some of the concepts of EJB security. PrincipalTest (Listing 16.1) has only one method, get Principal(), which gets the current caller’s principal and returns it as a String to the client. The client (Listing 16.2) is also very simple: It just writes to the console the String returned by the EJB. The home and remote interfaces are not shown (they are only a few lines each); the home should expose a single create() method, while the remote exposes getPrincipal().
Later in this section we will see the effect of using a servlet to call the EJB, rather than a standalone program.
There is nothing in this section that won’t work, in principle, on other ...