Really this should just be for POJO endpoints, EJB3 endpoint already have a mechanism
available to them.
We can make it available for EJB3 endpoint, the only problem is that as part of the
deployment process the jboss-web.xml for the generated web app would need the same
security domain as the EJB.
Using this for EJB3 endpoint could give the ability to restrict who can use the WS
endpoint without affecting who can call the bean i.e. maybe only family can call the WS
but friends or family can call the EJB3 method directly.
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4178280#...
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...