-
1. Re: Role check is not executed
mwx.dennis Oct 20, 2009 11:03 AM (in response to mwx.dennis)When I add a @SecurityDomain annotation to my EJB the call fails as expected.
This feels a bit dicey - when I forget to put the @SecurityDomain annotation in an EJB my authorization checks won't work and there will be no warning.
Is there a way to assign a security domain globally, i.e. for an entire application? -
2. Re: Role check is not executed
mwx.dennis Oct 20, 2009 11:56 AM (in response to mwx.dennis)OK, to make this a perfect monolog and for reference.. ;-)
I found the answer in the EJB3.0 book (OReilly), in the JBoss workbook.
In the jboss.xml (in the EJB jar's META-INF) add the following entry:<security-domain>other</security-domain>
This defines "other" as the global security domain. -
3. Re: Role check is not executed
jaikiran Oct 20, 2009 12:06 PM (in response to mwx.dennis)You can add it to the jboss.xml so that it applies to the entire ejb application:
<?xml version="1.0"?> <jboss xmlns="http://www.jboss.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.jboss.com/xml/ns/javaee http://www.jboss.org/j2ee/schema/jboss_5_0.xsd" version="3.0"> ... <security-domain>blah</security-domain> ... </jboss>
-
4. Re: Role check is not executed
jaikiran Oct 20, 2009 12:07 PM (in response to mwx.dennis)Ah, you did not give me a change to break your monologue ;)
-
5. Re: Role check is not executed
mwx.dennis Oct 20, 2009 12:12 PM (in response to mwx.dennis)Sorry :-o
But thanks for answering anyway. I'm sure I will have more questions which will not end up in a monologue ;)