[jboss-user] [Security & JAAS/JBoss] - Re: Security chptr says ejb-jar.xml. But EJB3 has no ejb-jar

Markus.Wahl do-not-reply at jboss.com
Tue Jul 18 08:50:13 EDT 2006

Hi cgriffith, that was quick. Thank you. A follow-up question perhaps:

"j2ee_junkie" wrote : See the EJB3 wiki for documentation on how to use annotations to provide the same configurations as the ejb-jar.xml.
  | http://wiki.jboss.org/wiki/Wiki.jsp?page=EJB3

Is this what you meant: http://docs.jboss.org/ejb3/app-server/tutorial/security/security.html ?
It mentions javax.annotation.security.RolesAllowed, javax.annotation.security.PermitAll as well as the JBoss specific org.jboss.ejb3.security.SecurityDomain. I read in an older post (approx 18 months old: http://www.jboss.com/index.html?module=bb&op=viewtopic&t=59428)
 that the future may present a way to avoid using that specific JBoss-specific annotation by using some deployment descriptor instead. Is the mentioned ejb-jar.xml that descriptor, or is that yet to come?

If ejb-jar.xml is the foreseen descriptor, can I combine the use of the nice annotations PermitAll and RolesAllowed with ejb-jar.xml, or do I have to scrap the annotation trail alltogether and declare everything in the ejb-jar.xml, do you think?

thank you,

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3958775#3958775

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3958775

More information about the jboss-user mailing list