6 Replies Latest reply on Aug 8, 2011 3:49 PM by Jean Baldessar

    Security Domain

    beckers Newbie


      I'm porting an application from 6.0.0 to 7.0.0. I got most things working. There's a bug with oracle and hibernate 4. Another thing is, that protecting my stateless session bean is not working anymore.


      I got the security domain in jboss-web.xml and jboss.xml, in the web container it's working. Accessing a protected page triggers my form login and I'm logged in.

      My stateless session bean can be called no matter if I have no annotation, @DenyAll or a @RolesAllowed("some role i dont have").

      Do I need to change or add a configuration or is it a bug?