[jboss-user] [Security & JAAS/JBoss] - Re: Principal from Servlet to EJB not propagating?

jaikiran do-not-reply at jboss.com
Thu Oct 26 11:30:02 EDT 2006

anonymous wrote : To reiterate, I am expecting the call to the EJB method to fail as I have specified a non-existing roles in @RolesAllowed. 

I should have noted this in your first post itself. Overlooked it though.

Have you specified a security domain for the EJB either through annotation at class level or through the jboss.xml file? If you haven't then the EJB is NOT considered a secure one and the @RolesAllowed will be ignored.

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3981048#3981048

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3981048

More information about the jboss-user mailing list