[jboss-user] [JBoss Web Services] - Re: JBoss not honoring @PermitAll on EJB3 Endpoint

abhi0123 do-not-reply at jboss.com
Thu Apr 12 15:58:04 EDT 2012

abhi0123 [https://community.jboss.org/people/abhi0123] created the discussion

"Re: JBoss not honoring @PermitAll on EJB3 Endpoint"

To view the discussion, visit: https://community.jboss.org/message/729706#729706

> Richard Opalka wrote:
> Have a look to the followin tests:
> jboss-as/testsuite/integration/basic/src/test/java/org/jboss/as/test/integration/ws/authentication
> The Git repo is:  http://github.com/jbossas/jboss-as http://github.com/jbossas/jboss-as
I did and the commit demonstrates the exact same problem I pointed out. The test case is passing security credentials even for a @PermitAll method and you shouldn't need any.

public class EJBEndpoint implements EJBEndpointIface {

    public String hello(String input) {
        return "Hello " + input + "!";
    public String helloForAll(String input) {
        return "Hello " + input + "!";

    public void accessHelloForAllWithValidRole1() throws Exception {
        URL wsdlURL = new URL(baseUrl, "/jaxws-authentication-ejb3/EJB3AuthService?wsdl");

        Service service = Service.create(wsdlURL, serviceName);
        EJBEndpointIface proxy = service.getPort(EJBEndpointIface.class);

        Map<String, Object> reqContext = ((BindingProvider) proxy).getRequestContext();
        reqContext.put(BindingProvider.USERNAME_PROPERTY, "user1");
        reqContext.put(BindingProvider.PASSWORD_PROPERTY, "password1");

        final String result = proxy.helloForAll("World");
        Assert.assertEquals("Hello World!", result);

Reply to this message by going to Community

Start a new discussion in JBoss Web Services at Community

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-user/attachments/20120412/80fff74a/attachment-0001.html 

More information about the jboss-user mailing list