3 Replies Latest reply on May 8, 2013 9:04 AM by sfcoy

    Question about ejb security

    elapaz

      I'm trying to secure my ejbs in my enterprise application, I want only authenticated users to be able to execute my ejb's methods.

      I've tried setting up my security domain in ear/META-INF/jboss-app.xml without success.

      By the way, I've noticed that if I use @RolesAllowed in each ejb, only authenticated users with some roles would execute the ejb's methods.

       

      My question is, is there a way to secure all ejbs without @RolesAllowed or annotating each class? I'm using JBoss 7.1.1

       

      Thanks,

      Eduardo