[jboss-user] [Security & JAAS/JBoss] - Re: Security chptr says ejb-jar.xml. But EJB3 has no ejb-jar
do-not-reply at jboss.com
Tue Jul 18 08:50:13 EDT 2006
Hi cgriffith, that was quick. Thank you. A follow-up question perhaps:
"j2ee_junkie" wrote : See the EJB3 wiki for documentation on how to use annotations to provide the same configurations as the ejb-jar.xml.
Is this what you meant: http://docs.jboss.org/ejb3/app-server/tutorial/security/security.html ?
It mentions javax.annotation.security.RolesAllowed, javax.annotation.security.PermitAll as well as the JBoss specific org.jboss.ejb3.security.SecurityDomain. I read in an older post (approx 18 months old: http://www.jboss.com/index.html?module=bb&op=viewtopic&t=59428)
that the future may present a way to avoid using that specific JBoss-specific annotation by using some deployment descriptor instead. Is the mentioned ejb-jar.xml that descriptor, or is that yet to come?
If ejb-jar.xml is the foreseen descriptor, can I combine the use of the nice annotations PermitAll and RolesAllowed with ejb-jar.xml, or do I have to scrap the annotation trail alltogether and declare everything in the ejb-jar.xml, do you think?
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3958775#3958775
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3958775
More information about the jboss-user