4 a.m.
Hi,
I'm currently testing the @SecurityDomain("keycloak") and @RolesAllowed
annotations on my JAX-RS services and was surprised to see that I get a
HTTP 500 (internal server error) when a requesting user doesn't have the
role that is required by @RolesAllowed. Is this intentional or a known
issue or am I doing something wrong in the config?
I'm using Wildfly 8.0.0.Final with the default RestEasy module. Would
upgrading RestEasy do the trick?
Cheers,
Nils
7:57 a.m.
Just a regular JAX-RS class? Not an EJB?
On 4/1/2014 5:00 AM, Nils Preusker wrote:
Hi,
I'm currently testing the @SecurityDomain("keycloak") and @RolesAllowed
annotations on my JAX-RS services and was surprised to see that I get a
HTTP 500 (internal server error) when a requesting user doesn't have the
role that is required by @RolesAllowed. Is this intentional or a known
issue or am I doing something wrong in the config?
I'm using Wildfly 8.0.0.Final with the default RestEasy module. Would
upgrading RestEasy do the trick?
Cheers,
Nils
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
8:09 a.m.
Hey Bill,
it is actually an EJB (@Stateless @Path(...)).
Another question about this: You mention in the user guide that you are
planning to improve the integration and get rid of the @SecurityDomain
annotation. Are you currently working on this or can you give me some
estimate on which release this is planned for?
Cheers,
Nils
On Tue, Apr 1, 2014 at 2:57 PM, Bill Burke <bburke(a)redhat.com> wrote:
Just a regular JAX-RS class? Not an EJB?
On 4/1/2014 5:00 AM, Nils Preusker wrote:
> Hi,
>
> I'm currently testing the @SecurityDomain("keycloak") and
@RolesAllowed
> annotations on my JAX-RS services and was surprised to see that I get a
> HTTP 500 (internal server error) when a requesting user doesn't have the
> role that is required by @RolesAllowed. Is this intentional or a known
> issue or am I doing something wrong in the config?
>
> I'm using Wildfly 8.0.0.Final with the default RestEasy module. Would
> upgrading RestEasy do the trick?
>
> Cheers,
> Nils
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
8:11 a.m.
I don't have a solution to getting rid of @SecurityDomain yet. What
should happen is that the EJB should inherit the security domain of the
WAR, but it doesn't. I opened a Wildfly bug and hopefully it will be fixed.
As for this particular bug, it may just be that you have to write an
ExceptionMapper and unwrap EJBException.
Can you show the stack trace in the log?
On 4/1/2014 9:09 AM, Nils Preusker wrote:
Hey Bill,
it is actually an EJB (@Stateless @Path(...)).
Another question about this: You mention in the user guide that you are
planning to improve the integration and get rid of the @SecurityDomain
annotation. Are you currently working on this or can you give me some
estimate on which release this is planned for?
Cheers,
Nils
On Tue, Apr 1, 2014 at 2:57 PM, Bill Burke <bburke(a)redhat.com
<mailto:bburke@redhat.com>> wrote:
Just a regular JAX-RS class? Not an EJB?
On 4/1/2014 5:00 AM, Nils Preusker wrote:
> Hi,
>
> I'm currently testing the @SecurityDomain("keycloak") and
@RolesAllowed
> annotations on my JAX-RS services and was surprised to see that I
get a
> HTTP 500 (internal server error) when a requesting user doesn't
have the
> role that is required by @RolesAllowed. Is this intentional or a
known
> issue or am I doing something wrong in the config?
>
> I'm using Wildfly 8.0.0.Final with the default RestEasy module. Would
> upgrading RestEasy do the trick?
>
> Cheers,
> Nils
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org <mailto:keycloak-user@lists.jboss.org>
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org <mailto:keycloak-user@lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
2:16 p.m.
Hi Bill, that did the trick, I just added an exception mapper. Thanks!
About the wildfly issue, can u share a link to it so I can track it? I'm quite eager
to get this to work since we want to deploy our war modules without security for test
cases (in combination with arquillian). So we just discard the web.xml in the test
deployments and the roles allowed annotations are being ignored. But with the security
domain annotation that would be a bit more tricky.
Cheers,
Nils
--
Blog: www.nilspreusker.de
On Apr 1, 2014, at 15:11, Bill Burke <bburke(a)redhat.com>
wrote:
I don't have a solution to getting rid of @SecurityDomain yet. What
should happen is that the EJB should inherit the security domain of the
WAR, but it doesn't. I opened a Wildfly bug and hopefully it will be fixed.
As for this particular bug, it may just be that you have to write an
ExceptionMapper and unwrap EJBException.
Can you show the stack trace in the log?
> On 4/1/2014 9:09 AM, Nils Preusker wrote:
> Hey Bill,
>
> it is actually an EJB (@Stateless @Path(...)).
>
> Another question about this: You mention in the user guide that you are
> planning to improve the integration and get rid of the @SecurityDomain
> annotation. Are you currently working on this or can you give me some
> estimate on which release this is planned for?
>
> Cheers,
> Nils
>
>
> On Tue, Apr 1, 2014 at 2:57 PM, Bill Burke <bburke(a)redhat.com
> <mailto:bburke@redhat.com>> wrote:
>
> Just a regular JAX-RS class? Not an EJB?
>
>> On 4/1/2014 5:00 AM, Nils Preusker wrote:
>> Hi,
>>
>> I'm currently testing the @SecurityDomain("keycloak") and
> @RolesAllowed
>> annotations on my JAX-RS services and was surprised to see that I
> get a
>> HTTP 500 (internal server error) when a requesting user doesn't
> have the
>> role that is required by @RolesAllowed. Is this intentional or a
> known
>> issue or am I doing something wrong in the config?
>>
>> I'm using Wildfly 8.0.0.Final with the default RestEasy module. Would
>> upgrading RestEasy do the trick?
>>
>> Cheers,
>> Nils
>>
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user(a)lists.jboss.org <mailto:keycloak-user@lists.jboss.org>
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
> --
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org <mailto:keycloak-user@lists.jboss.org>
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
3907
days inactive
3907
days old
4 comments
2 participants
participants (2)
-
Bill Burke -
Nils Preusker