[jboss-jira] [JBoss JIRA] (WFLY-2988) Class-level @RolesAllowed does not affect inherited methods

[Tomaz Cerar (JIRA)]

     [ https://issues.jboss.org/browse/WFLY-2988?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Tomaz Cerar updated WFLY-2988:
------------------------------

    Fix Version/s: 8.1.0.Final
                       (was: 8.1.0.CR1)

    
> Class-level @RolesAllowed does not affect inherited methods
> -----------------------------------------------------------
>
>                 Key: WFLY-2988
>                 URL: https://issues.jboss.org/browse/WFLY-2988
>             Project: WildFly
>          Issue Type: Bug
>      Security Level: Public(Everyone can see) 
>          Components: Security
>    Affects Versions: 8.0.0.Final
>         Environment: Wildfly 8.0.0.Final running on OpenJDK 1.7.0_45
>            Reporter: Daniel Lechner
>            Assignee: Darran Lofthouse
>             Fix For: 8.1.0.Final
>
>
> Excerpt from the forum reference:
> Basically I have an EJB which derives from a base class. At the EJB itself there is an class-level {{@RolesAllowed}} annotation. With this annotation all methods which are implemented directly in the class can be accessed when the caller has the appropriate role. But when he tries to call a method which has been implemented in the base class, access is denied.
> Reading the EJB 3.2 Spec which says
> {quote}
> Specifying the RolesAllowed or PermitAll or DenyAll annotation on the bean class means that it applies to all applicable business methods of the class.
> {quote}
> I would suggest that this should work. Although this worked with JBoss AS 5.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira