I’m using keycloak to secure my front and backend. The roles are managed as well in keycloak. After logging in successfully, the @RolesAllowed annotation works fine on my views with @CDIView annotation, without creating my own AccessControl with @Alternative, I believe it’s because of the CDIViewProvider who recognize the @RolesAllowed. I want to use the @RolesAllowed in my functions to secure some methods that only certain roles can execute them. But @RolesAllowed is working only in the navigation.