
11.3. Role-Based Access Control

RBAC lets you perform authorization based on the roles granted to a user. PicketLink provides a specific annotation for this; you only need to specify the role name.
@RolesAllowed("Administrator")
public void shutdown() {
	// only users granted this role can access this method
}
The @RolesAllowed annotation can also be used on types. In this case, all bean methods are protected:
@RolesAllowed("Administrator")
public class MyBean {
	// every method of this bean requires the Administrator role
}
You can also define multiple roles if you want to:
@RolesAllowed({"Sales", "Financial"})
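The following is an added example, not PicketLink code or part of the original documentation: a reflection-based audit that lists, for each public bean method, whether a role requirement is declared at method level, at type level, or not at all. It assumes a stand-in `RolesAllowed` annotation with the same shape as the one shown above so that it compiles without PicketLink; `RolesAllowedAudit`, `AdminBean` and `ReportBean` are hypothetical names.

```java
import java.lang.annotation.*;
import java.lang.reflect.Method;
import java.lang.reflect.Modifier;
import java.util.*;

public class RolesAllowedAudit {
    // Stand-in annotation (assumption): same shape as the page's @RolesAllowed, declared locally.
    @Retention(RetentionPolicy.RUNTIME)
    @Target({ElementType.TYPE, ElementType.METHOD})
    @interface RolesAllowed { String[] value(); }

    // Constructed sample beans (hypothetical), mirroring the usages shown on this page.
    @RolesAllowed("Administrator")
    static class AdminBean {            // type-level annotation
        public void shutdown() {}
        public void restart() {}
    }

    static class ReportBean {
        @RolesAllowed({"Sales", "Financial"})
        public void export() {}         // method-level annotation with multiple roles
        public void purge() {}          // no annotation at either level
    }

    // Maps each public declared method to the role declarations found; an empty list means none.
    static Map<String, List<String>> audit(Class<?> bean) {
        RolesAllowed onType = bean.getAnnotation(RolesAllowed.class);
        Map<String, List<String>> result = new TreeMap<>();
        for (Method m : bean.getDeclaredMethods()) {
            if (!Modifier.isPublic(m.getModifiers()) || m.isSynthetic()) continue;
            RolesAllowed onMethod = m.getAnnotation(RolesAllowed.class);
            List<String> found = new ArrayList<>();
            if (onType != null) found.add("type" + Arrays.toString(onType.value()));
            if (onMethod != null) found.add("method" + Arrays.toString(onMethod.value()));
            result.put(bean.getSimpleName() + "." + m.getName(), found);
        }
        return result;
    }

    public static void main(String[] args) {
        for (Class<?> bean : new Class<?>[] {AdminBean.class, ReportBean.class}) {
            audit(bean).forEach((method, found) ->
                System.out.println((found.isEmpty() ? "UNPROTECTED " : "protected   ") + method + " " + found));
        }
    }
}
```

Run against real beans as a build-time test, a report like this makes a method that was added without any role requirement visible before it ships.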