@Restrict & @WebMethod - Seam WebServices

hawkettc Nov 10, 2007 8:10 PM

I'm having some difficulty applying the @Restrict annotation to a method that also has the @WebMethod annotation.

@WebMethod
@Restrict("#{s:hasRole('admin')}")
public boolean checkMeWS() {
 log.info("Checking via restricted webServices, in appropriate role: " + Identity.instance().hasRole("admin"));
 return Identity.instance().isLoggedIn();
}

should never be able to output a value of 'false' in the log output -

11:53:14,566 INFO [Authenticator] Checking via restricted webServices, in appropriate role: false

or am I missing something? The same @Restrict annotation on a method called via Seam Remoting (and not annotated with @WebMethod) throws the appropriate security exceptions. Is there soomthing that says I can;t @Restrict an @WebMethod?

1. Re: @Restrict & @WebMethod - Seam WebServices

shane.bryzak Nov 11, 2007 9:47 PM (in response to hawkettc)

Thanks for pointing this out - yes it's an issue. I'm looking into it now.

http://jira.jboss.org/jira/browse/JBSEAM-2238
Actions
2. Re: @Restrict & @WebMethod - Seam WebServices

shane.bryzak Nov 11, 2007 11:05 PM (in response to hawkettc)

Fixed in CVS - check the above JIRA link for notes.
Actions
3. Re: @Restrict & @WebMethod - Seam WebServices

hawkettc Nov 16, 2007 8:06 PM (in response to hawkettc)

Thanks for the quick response - cheers.
Actions

Go to original post