Right way: do not force the user to always have an unauth annotation in his beans. He can
specify the unauth identity in any of the following:
a) Security Domain
b) jboss.xml
c) jboss-app.xml
I would prefer the @UI injection that you do for @SD. I am not a big fan of custom
annotations. I like your injection stuff.
A log.trace should be done for the warning message.
Carlo de Wolf wrote:
Thought as much. Hmm, I think we could use a warning message if we spot
a @PermitAll without an unauthenticatedPrincipal and we don't get
supplied with a principal from the caller. Any objections?
Carlo
On Wed, 2007-05-02 at 08:40 -0700, Scott M Stark wrote:
> Unchecked applies to the allowed roles. By default it still needs an
> authenticated user. If you don't want that, don't annotate the method
> with a permission, or setup the security domain to allow unauthenticated
> users. Without such a distinction, the @PermitAll annotation is meaningless.
>
> Anil Saldhana wrote:
>
>> So if the user does not provide any username/principal, then the
>> unauthenticatedIdentity setting (if present) will kick in.
>>
>> Anil Saldhana wrote:
>>
>>> That is because Scott thinks that any unchecked method should not be
>>> totally open to the world. Only authenticated principals should have
>>> access.
>>>
>>> Carlo de Wolf wrote:
>>>
>>>> Do either one of you know why a @PermitAll requires an
>>>> unauthenticatedPrincipal (on SecurityDomain)?
>>>> I want the answer beyond: TCK requires AuthorizationInterceptors. :-)
>>>>
>>>> Carlo
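The point Scott makes above (an unchecked @PermitAll method still needs the caller to map to some principal unless the security domain supplies an unauthenticated identity) as an added example; this is not code from the thread or from the JBoss project. The bean, method and domain names are assumptions, and the @SecurityDomain import is the org.jboss.annotation.security package used by JBoss EJB3 of that era (later releases moved it).

```java
// Added example, not from the thread. "myAppDomain", CatalogBean and the
// method names are assumptions chosen for illustration.
import javax.annotation.security.PermitAll;
import javax.annotation.security.RolesAllowed;
import javax.ejb.Stateless;
import org.jboss.annotation.security.SecurityDomain; // JBoss EJB3 annotation (package assumed for this era)

@Stateless
@SecurityDomain("myAppDomain")
public class CatalogBean implements Catalog {

    // Unchecked: no role is required, but the authorization interceptor still
    // runs, so the caller must resolve to some principal. If "myAppDomain"
    // defines no unauthenticatedIdentity, a caller that sends no credentials
    // is rejected here even though the method is @PermitAll.
    @PermitAll
    public String[] listProducts() {
        return new String[] { "widget", "gadget" };
    }

    // Checked: only callers holding the "admin" role may invoke this.
    @RolesAllowed("admin")
    public void addProduct(String name) {
        // ...
    }
}

/*
 * Option (a) from the top post: declare the unauthenticated identity on the
 * security domain itself, in conf/login-config.xml (JBoss AS 4.x syntax;
 * the properties file names are assumptions):
 *
 * <application-policy name="myAppDomain">
 *   <authentication>
 *     <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
 *                   flag="required">
 *       <module-option name="usersProperties">props/myapp-users.properties</module-option>
 *       <module-option name="rolesProperties">props/myapp-roles.properties</module-option>
 *       <!-- callers that supply no principal become "anonymous" instead of failing -->
 *       <module-option name="unauthenticatedIdentity">anonymous</module-option>
 *     </login-module>
 *   </authentication>
 * </application-policy>
 *
 * With that option present, an anonymous call to listProducts() succeeds and
 * addProduct() still fails for "anonymous" because it holds no "admin" role.
 * Remove the option and the same anonymous call to listProducts() is denied.
 */
```

If a method really should be open to the world without any login at all, the alternative Scott describes is simply not annotating it with a permission; @PermitAll on its own only says "no particular role", not "no authentication".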