| Description: | When the checkWithPolicy method is called by the EJBJACCPolicyModuleDelegate class during authorization, the current roles are always determined using the caller principal even when a runAs principal exists. As a result, if the @RunAs annotation is used, the current roles will only include those of the caller principal, and those specificed in the @RunAs annotation will be ignored when authorization is performed.
|