Ramon Molossi [http://community.jboss.org/people/ramonmolossi] created the discussion "SecurityDomain Annotation" To view the discussion, visit: http://community.jboss.org/message/626764#626764 -------------------------------------------------------------- I'm creating a WebApplication using Jboss AS 7 and trying to use a Form Based Authentication using a DatabaseServerLoginModule. My authentication and roles are ok. I had a problem to protect a EJB class. I configured my EJB methods with @RolesAllowed("Admin") as I wanted. But nothing is getting blocked, even who don't have the "Admin" Role.... Then I tried to configure the *(a)org.jboss.security.annotation.SecurityDomain*(&quot;myDomain&quot;) at class type definition. Nothing gets blocked yet. Then I tried to use *(a)org.jboss.ejb3.annotation.SecurityDomain*(&quot;myDomain&quot;) and things starts work. I just want to know why. If I am not supposed to use de org.jboss.security annotation or if I missed some configuration. My configuration is really simple:                <security-domain name="myDomain" cache-type="default">                     <authentication>                         <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">                             <module-option name="dsJndiName" value="java:jboss/datasources/myDS"/>                             <module-option name="principalsQuery" value="mySQL1"/>                             <module-option name="rolesQuery" value=mySQL2"/>                             <module-option name="hashAlgorithm" value="MD5"/>                             <module-option name="hashEncoding" value="HEX"/>                         </login-module>                     </authentication>                </security-domain> ps: At this moment I just trying authentication configs wich are really ok, I'm having some troubles with authorization configs inside this security-domain, but I will create a new discussion to that. -------------------------------------------------------------- Reply to this message by going to Community [http://community.jboss.org/message/626764#626764] Start a new discussion in PicketBox Development at Community [http://community.jboss.org/choose-container!input.jspa?contentType=1&...]