I have found the following that answers my question: -So overall I both need to switch on support for the annotations AND configure a path based security constraint in the web.xml to trigger authentication.Have there been any discussions on looking into this further? It seems plausible that authentication could be triggered in the event a role is required if authentication has not already been performed: -
_______________________________________________On Fri, Nov 1, 2019 at 5:23 PM Darran Lofthouse <darran.lofthouse@jboss.com> wrote:Hello,I am presently in the process of adding MicroProfile JWT support to WildFly, most of the code to activate this is now ready but I just wanted to ask for some pointers as to how RestEasy triggers the need for authentication for a request?I have a deployed endpoint annotated with @RolesAllowed, I am about to attach a debugger and look into the call in more detail but thought I would ask here as well if there are any pointers.Regards,Darran Lofthouse.
resteasy-dev mailing list
resteasy-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/resteasy-dev
