0 Replies Latest reply on Mar 27, 2014 5:58 AM by Mylos Kathos

    @ServletSecurity returns HTTP 403 error

    Mylos Kathos Master

      Hi all!

      I need to use a Servlet that includes security settings via the @ServletSecurity annotation:



        value=@HttpConstraint(rolesAllowed = {"admin"}),








      public class SecureServlet extends HttpServlet {

      . . .


      The file jboss-web.xml in turn maps a Security Domain that is registered in my configuration.




      Now if I try to access the Servlet, the browser returns an error: 403 - Forbidden

      I wonder if there are any open issues with this annotation. BTW, I have also tried with the more generic annotation:

      @ServletSecurity(@HttpConstraint(rolesAllowed = {"admin"}))

      But that also does not work. On the other hand, using web.xml the BASIC Auth pop-up displays correctly.

      Any idea ?