Java collaborative applications are increasingly and widely used in the form of applets or servlets, as a way to easily download and execute small programs on one's computer. However, security associated with these downloaded applications, even if it exists, is not easily manageable. Most of the time, it relies on the user's ability to define a security policy for his virtual machine, which is undesirable. This paper proposes to integrate an RBAC mechanism for any Java application. It introduces a simple tag process that allows the developer to incorporate the appropriate policy in the source code of his application. The user is endowed with the ability to choose a role that corresponds to the required level of trust required in order for him to embed the policy in the executed code. A case study of a collaborative application shows how works the proposed API for managing roles, generating policies and logging in. At the end, a discussion about the dynamic enforcement of the generated policies is presented.