Here is the log that i got ( when i enabled debug).
logged in as admin expecting that i will get a permission denied when calling getMembers() in SLSB since it is annotated as @RolesAllowed("businessowner").
user=admin
roles=HttpInvoker,JBossAdmin,WebAppUser
REST/WEB-REQUEST
@Path("/members")
@RequestScoped
public class MemberRESTService
{
@EJB
Private SLSBProcessBean memberBean;
@GET
@Produces(MediaType.APPLICATION_XML)
public List<Member> findMember() {
return memberBean.getMembers()
}
}
-----------EJB----------
@Stateless
Public class SLSBProcessBean {
@RolesAllowed("businessowner")
Public List getMembers()
{
//Business Logic
Return members;
}
}
config
META-INF/Jboss.xml
<jboss>
<security-domain>java:/jaas/myapp-secure-domain</security-domain>
</jboss>
WEB-INF/jboss-web.xml
<jboss-web>
<security-domain>java:/jaas/myapp-secure-domain </security-domain>
</jboss-web>
------------------------------------------------------------------------------------------------------------------------------------LOG-------------------------------------------------------
11:44:16,109 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Security checking request GET /javaee6-app/rest/members
11:44:16,109 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] We have cached auth type FORM for principal GenericPrincipal[admin(HttpInvoker,JBossAdmin,WebAppUser,)]
11:44:16,109 DEBUG [org.apache.catalina.realm.RealmBase] Checking constraint 'SecurityConstraint[All resources]' against GET /rest/members--> false
11:44:16,109 DEBUG [org.apache.catalina.realm.RealmBase] No applicable constraint located
11:44:16,109 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Not subject to any constraint
11:44:16,109 DEBUG [org.jboss.resteasy.core.SynchronousDispatcher] PathInfo: members
11:44:16,109 DEBUG [org.jboss.resteasy.cdi.CdiConstructorInjector] Beans found for class com.sak.home.service.rest.MemberRESTService : [Managed Bean [class com.sak.home.service.rest.MemberRESTService] with qualifiers [@Any @Default @Exact]]
11:44:16,109 DEBUG [org.jboss.ejb3.ejbref.resolver.ejb30.impl.EJB30MetaDataBasedEjbReferenceResolver] Resolving reference for [EJB Reference: beanInterface 'com.sak.home.process.SLSBProcessBean', beanName '', mappedName 'null'] in org.jboss.metadata.ejb.jboss.JBossMetaData@1f
11:44:16,109 DEBUG [org.jboss.ejb3.ejbref.resolver.ejb30.impl.EJB30MetaDataBasedEjbReferenceResolver] Found match in EJB SLSBProcessBean for [EJB Reference: beanInterface 'com.sak.home.process.SLSBProcessBean', beanName '', mappedName 'null']
11:44:16,109 DEBUG [org.jboss.ejb3.ejbref.resolver.ejb31.impl.EJB31MetaDataBasedEjbReferenceResolver] Found specified beanInterface that is not a direct beanInterface of EJB SLSBProcessBean: com.sak.home.process.SLSBProcessBean
11:44:16,109 DEBUG [org.jboss.metadata.ejb.jboss.jndi.resolver.impl.JNDIPolicyBasedSessionBeanJNDINameResolver] Resolved JNDI Name for Interface com.sak.home.process.SLSBProcessBean of type NO_INTERFACE is SLSBProcessBean/no-interface
11:44:16,109 DEBUG [org.jboss.ejb3.ejbref.resolver.ejb31.impl.EJB31MetaDataBasedEjbReferenceResolver] Resolved JNDI Name for [EJB Reference: beanInterface 'com.sak.home.process.SLSBProcessBean', beanName '', mappedName 'null'] of EJB SLSBProcessBean: SLSBProcessBean/no-interface