JBoss Community

Re: @javax.annotation.security.RolesAllowed on EJBs does not work

created by Stuart Douglas in JBoss AS 7 Development - View the full discussion

Security is not being used as your ejb's are not associated with a security domain.

You need something like this in jboss-ejb3.xml:

<?xml version="1.0"?>  
<jboss:ejb-jar xmlns:jboss="http://www.jboss.com/xml/ns/javaee"
                  xmlns="http://java.sun.com/xml/ns/javaee"
                  xmlns:s="urn:security"
                  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                  xsi:schemaLocation="http://www.jboss.com/xml/ns/javaee http://www.jboss.org/j2ee/schema/jboss-ejb3-2_0.xsd
                     http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/ejb-jar_3_1.xsd"
                  version="3.1"
                  impl-version="2.0">
  <assembly-descriptor>
    <s:security>
      <ejb-name>*</ejb-name>
      <s:security-domain>other</s:security-domain>
    </s:security>
  </assembly-descriptor>

</jboss:ejb-jar>

Reply to this message by going to Community

Start a new discussion in JBoss AS 7 Development at Community