I'm having some difficulty applying the @Restrict annotation to a method that also has
the @WebMethod annotation.
| @WebMethod
| @Restrict("#{s:hasRole('admin')}")
| public boolean checkMeWS() {
| log.info("Checking via restricted webServices, in appropriate role: " +
Identity.instance().hasRole("admin"));
| return Identity.instance().isLoggedIn();
| }
|
should never be able to output a value of 'false' in the log output -
11:53:14,566 INFO [Authenticator] Checking via restricted webServices, in appropriate
role: false
or am I missing something? The same @Restrict annotation on a method called via Seam
Remoting (and not annotated with @WebMethod) throws the appropriate security exceptions.
Is there soomthing that says I can;t @Restrict an @WebMethod?
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4103450#...
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...