JSR 109 - Version 1.3 - Chapter 22.214.171.124 Security
Handlers associated with a Port component run after authorization has occurred and before the business logic
method of the Service Implementation bean is dispatched to. For JAX-RPC or JAX-WS Service endpoints,
Handlers run after the container has performed the security constraint checks associated with the servlet
element that defines the Port component. For EJB based service implementations, Handlers run after method
level authorization has occurred.