I am using declarative security for authorization purposes. I have created all the necessary entries in deployment descriptor like under method permission,security-role and securiyt-role-ref tags also. How does the container checks the authorization runtime.? When the client perform the jndi lookup for the bean do i have to provide the principal at that time?

Can anybody explain me the process of authorization of ejb methods with some sample from client side.Its really very urgent