[jboss-user] [JBoss Seam] - Re: Seam 2.x, Webservice Security
shane.bryzak@jboss.com
do-not-reply at jboss.com
Tue Jan 29 08:48:51 EST 2008
I just tested this by putting a @Restrict in the seamBay example in AuctionService.listCategories() then calling the web service via the test page in the seam-bay app.
@WebMethod @Restrict("#{s:hasRole('admin')}")
| public Category[] listCategories()
This successfully returned the following SOAP fault when I tried to invoke the method without logging in:
<env:Envelope xmlns:env='http://schemas.xmlsoap.org/soap/envelope/'>
| <env:Header></env:Header>
| <env:Body>
| <env:Fault xmlns:env='http://schemas.xmlsoap.org/soap/envelope/'>
| <faultcode>env:Server</faultcode>
| <faultstring>org.jboss.seam.security.NotLoggedInException</faultstring>
| </env:Fault>
| </env:Body>
| </env:Envelope>
I'm guessing that you probably have a configuration problem somewhere. I would start by comparing your project to seamBay to see if there's any obvious configuration differences.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4124408#4124408
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4124408
More information about the jboss-user
mailing list