tomee-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Romain Manni-Bucau <rmannibu...@gmail.com>
Subject Re: restful web secruity for TOMEE
Date Thu, 08 Oct 2015 16:10:20 GMT
Hi

@RolesAllowed is a JAAS annotation so you need a JAASRealm in your
application (more likely server.xml but context.xml works as well).


Romain Manni-Bucau
@rmannibucau <https://twitter.com/rmannibucau> |  Blog
<http://rmannibucau.wordpress.com> | Github <https://github.com/rmannibucau> |
LinkedIn <https://www.linkedin.com/in/rmannibucau> | Tomitriber
<http://www.tomitribe.com>

2015-10-08 16:31 GMT+02:00 mark.cavender <mark.cavender@sbcglobal.net>:

> Hi,
>
> I am writing a the security for a web app/ restful services system.  I am
> using a FORM login for the web app with a custom DataSourceRealm.  I have
> also restricted the URL so that only certain roles can use it.  What I am
> noticing with that the RESTful services is the @RolesAllowed annotation
> isn't working.  I have made the RESTful service a stateless session bean
> with the @Stateless annotation, but it still doesn't work.  I have also
> injected a SessionContext into the service and used the
> session.isCallerInRole routine, and it returns false.  Is there something
> that I am missing?  Do I need to configure some additional thing for my web
> services?  Thanks in advance,
>
>
> Mark
>
>
>
> --
> View this message in context:
> http://tomee-openejb.979440.n4.nabble.com/restful-web-secruity-for-TOMEE-tp4676451.html
> Sent from the TomEE Users mailing list archive at Nabble.com.
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message