0 Replies Latest reply on Feb 14, 2013 6:05 AM by stianst

SecurityInterceptor from picketlink-extensions causes authentication to be required

stianst Feb 14, 2013 6:05 AM

"org.picketlink.extensions.core.rest.interceptors.SecurityInterceptor" causes authentication to be required for all resources that are not included in picketlink-extension (for example SignInEndpoint).

In my application I've changed this class to remove this, and instead added an exception mapper to deal with the deltaspike exception.

See:

https://github.com/stianst/eventjuggler/blob/master/services/src/main/java/org/eventjuggler/services/security/SecurityInterceptor.java

https://github.com/stianst/eventjuggler/blob/master/services/src/main/java/org/eventjuggler/services/security/AccessDeniedExceptionHandler.java

It would be good if picketlink-extensions did something similar so that users wouldn't have to deal with this.