log.debug("authorize " + resource + " " + subject + " " + role);
EJBResource ejbResource = (EJBResource) resource;
RoleGroup methodRoles = ejbResource.getEjbMethodRoles();
if(methodRoles == null)
return AuthorizationContext.PERMIT;
if(methodRoles.containsRole(SimpleRole.ANYBODY_ROLE))
return AuthorizationContext.PERMIT;
for(Principal p : subject.getPrincipals())
{
// TODO: not really true, but for the moment lets assume that the principal is also the role
Role myRole = new SimpleRole(p.getName());