How to avoid to use @SecurityDomain on EJB

hantsy Dec 31, 2011 5:03 AM

I found the JAAS annotations(such as @RolesAllowed etc) did not work if I did not apply the @SecurityDomain annotation on EJB class.

But it is not a standard API, and it can not be used in other Application server.

I do not want to use it.

Is there is some solution to remove the @SecurityDomain annotation, and make it work as the standard way.

Thanks.

1. Re: How to avoid to use @SecurityDomain on EJB

wdfink Dec 31, 2011 9:21 AM (in response to hantsy)

You might use the vendor specific deployment descriptor for this.
The code is not polluted with such annotations but you have to write the XML stuff for each App server.
But if you support different servers you can pack the application with all specific descriptors because the other vendor specifics are ignored
Actions