Using security annotations in a Web application

markboletti Aug 31, 2011 2:09 AM

Hi all !

I have a web application running on JBoss 6 which uses web.xml and jboss-web.xml to specify the security domain. I wonder, is it possible to specify

it rather with annotations in a Servlet ?

@SecurityDomain("dblogin")

@RolesAllowed( { "Admin" })

public class SecureServlet extends HttpServlet {

}

I've tried it, however it does not issue any authentication window.

Thanks

Mark

1. Re: Using security annotations in a Web application

jaikiran Aug 31, 2011 2:45 AM (in response to markboletti)

What's the fully qualified classname of the @SecurityDomain annotation that you are using? Also what does your web.xml and jboss-web.xml look like?
Actions
2. Re: Using security annotations in a Web application

markboletti Aug 31, 2011 3:15 AM (in response to jaikiran)

Hello!
it's org.jboss.ejb3.annotation.SecurityDomain and javax.annotation.security.RolesAllowed

Well I've commented both the <security-constraint> block in web.xml and the <security-domain>java:/jaas/mydomain</security-domain> in jboss-web.xml. I thought that annotations would replace enterely the configuration in XML files. Am I wrong ?
Thanks a lot
Mark
Actions