]
RH Bugzilla Integration commented on WFLY-2988:
-----------------------------------------------
Dominik Pospisil <dpospisi(a)redhat.com> changed the Status of [bug
Class-level @RolesAllowed does not affect inherited methods
-----------------------------------------------------------
Key: WFLY-2988
URL:
https://issues.jboss.org/browse/WFLY-2988
Project: WildFly
Issue Type: Bug
Components: Security
Affects Versions: 8.0.0.Final
Environment: Wildfly 8.0.0.Final running on OpenJDK 1.7.0_45
Reporter: Daniel Lechner
Assignee: Darran Lofthouse
Fix For: 8.1.0.CR2, 8.1.0.Final
Excerpt from the forum reference:
Basically I have an EJB which derives from a base class. At the EJB itself there is an
class-level {{@RolesAllowed}} annotation. With this annotation all methods which are
implemented directly in the class can be accessed when the caller has the appropriate
role. But when he tries to call a method which has been implemented in the base class,
access is denied.
Reading the EJB 3.2 Spec which says
{quote}
Specifying the RolesAllowed or PermitAll or DenyAll annotation on the bean class means
that it applies to all applicable business methods of the class.
{quote}
I would suggest that this should work. Although this worked with JBoss AS 5.