[jboss-user] [Security & JAAS/JBoss] - Re: Security chptr says ejb-jar.xml. But EJB3 has no ejb-jar
do-not-reply at jboss.com
Wed Jul 19 06:38:04 EDT 2006
"Markus.Wahl" wrote : when I try this, all the roles defined in web.xml are allowed acces to my jsp files (this was expected). but all users get acces to my ejb bean. I define two roles in web.xml, but only one of those roles are mentioned in my ejb bean using the @RolesAllowed annotation.
I have discovered if I do use @SecurityDomain("mine") it suddenly works. So I have accomplished avoiding creating jboss-web.xml, but I still need to figure out how to avoid using the JBoss specific annotation or creating jboss.xml. do you think it is possible at all?
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3959082#3959082
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3959082
More information about the jboss-user