[jboss-dev-forums] [PicketBox Development] - SecurityDomain Annotation

[Ramon Molossi]

Ramon Molossi [http://community.jboss.org/people/ramonmolossi] created the discussion

"SecurityDomain Annotation"

To view the discussion, visit: http://community.jboss.org/message/626764#626764

--------------------------------------------------------------
I'm creating a WebApplication using Jboss AS 7 and trying to use a Form Based Authentication using a DatabaseServerLoginModule.

My authentication and roles are ok.

I had a problem to protect a EJB class.

I configured my EJB methods with @RolesAllowed("Admin") as I wanted. 

But nothing is getting blocked, even who don't have the "Admin" Role....
Then I tried to configure the *@org.jboss.security.annotation.SecurityDomain*("myDomain") at class type definition. Nothing gets blocked yet.


Then I tried to use *@org.jboss.ejb3.annotation.SecurityDomain*("myDomain") and things starts work.

I just want to know why. If I am not supposed to use de org.jboss.security annotation or if I missed some configuration.

My configuration is really simple: 

               <security-domain name="myDomain" cache-type="default">
                    <authentication>
                        <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
                            <module-option name="dsJndiName" value="java:jboss/datasources/myDS"/>
                            <module-option name="principalsQuery" value="mySQL1"/>
                            <module-option name="rolesQuery" value=mySQL2"/>
                            <module-option name="hashAlgorithm" value="MD5"/>
                            <module-option name="hashEncoding" value="HEX"/>
                        </login-module>
                    </authentication>
               </security-domain>

ps: At this moment I just trying authentication configs wich are really ok, I'm having some troubles with authorization configs inside this security-domain, but I will create a new discussion to that.
--------------------------------------------------------------

Reply to this message by going to Community
[http://community.jboss.org/message/626764#626764]

Start a new discussion in PicketBox Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2088]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-dev-forums/attachments/20110915/e2a11fe4/attachment.html