[jboss-dev-forums] [Design of Management Features on JBoss] - Re: security domain used for securing remote access to Profi
scott.stark@jboss.org
do-not-reply at jboss.com
Wed Jul 8 11:03:27 EDT 2009
We need something like the deploy/ejb3-interceptors-aop.xml RoleBasedAuthorizationInterceptorFactory which is applied to beans annotated with @SecurityDomain:
|
| <interceptor name="Basic Authorization" factory="org.jboss.ejb3.security.RoleBasedAuthorizationInterceptorFactory" scope="PER_CLASS"/>
|
| ..
|
| <domain name="Stateless Bean" extends="Intercepted Bean" inheritBindings="true">
| <bind pointcut="execution(public * *->*(..))">
| <interceptor-ref name="org.jboss.ejb3.ENCPropagationInterceptor"/>
| <interceptor-ref name="org.jboss.ejb3.security.AuthenticationInterceptorFactory"/>
| </bind>
| <bind pointcut="execution(public * @org.jboss.ejb3.annotation.SecurityDomain->*(..))">
| <interceptor-ref name="Basic Authorization"/>
| </bind>
| <bind pointcut="execution(public * *->*(..))">
| <interceptor-ref name="org.jboss.ejb3.security.RunAsSecurityInterceptorFactory"/>
| </bind>
| <bind pointcut="execution(public * @org.jboss.ejb3.annotation.Clustered->*(..))">
| <interceptor-ref name="org.jboss.ejb3.remoting.ReplicantsManagerInterceptorFactory"/>
| </bind>
|
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4242442#4242442
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4242442
More information about the jboss-dev-forums
mailing list