[jboss-user] [Security & JAAS/JBoss] - Re: Principal from Servlet to EJB not propagating?
do-not-reply at jboss.com
Thu Oct 26 11:30:02 EDT 2006
anonymous wrote : To reiterate, I am expecting the call to the EJB method to fail as I have specified a non-existing roles in @RolesAllowed.
I should have noted this in your first post itself. Overlooked it though.
Have you specified a security domain for the EJB either through annotation at class level or through the jboss.xml file? If you haven't then the EJB is NOT considered a secure one and the @RolesAllowed will be ignored.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3981048#3981048
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3981048
More information about the jboss-user