Re: doubt about the web.xml

Home Messages Hashtags

#734

Re: doubt about the web.xml

Guillermo González de Agüero #734 Hi Daniel, The @RolesAllowed annotation is not defined by JSR 375 and there was sadly not enough time to better integrate with it or provide a better alternative. For now, @RolesAllowed are only portable on EJB components, although some servers such as Payara support them on any CDI bean AFAIK. The simpler way to use it is to annotate your resources @Stateless, or creating an interceptor and a CDI extension to tranform @RolesAllowed into an interceptor binding annotation. Creating such extensions was greatly simplified on CDI 2.0. toggle quoted messageShow quoted text El mié., 29 ago. 2018 16:12, Daniel Dias <daniel.dias.analistati@...> escribió: Hello, Rudy, was what I choosed, but when I use with Jax-RS the same does not work. was what I thought of, but when I use it with Jax-RS it will not work when I remove the web.xml and add the annotation @RolesAllowed ({USER, ADMIN}) as shown in this section: https://github.com/javaee-samples/javaee8-samples/blob/master/security/jwt/src/main/java/org/javaee8/security/jwt/rest/SampleController.java -- Daniel Dias dos Santos Java Developer SouJava & JCP Member GitHub: https://github.com/Daniel-Dos Linkedin: http://br.linkedin.com/in/danieldiassantos Twitter: http://twitter.com/danieldiasjava Em qua, 29 de ago de 2018 às 02:14, Rudy De Busscher <rdebusscher@...> escreveu: Hi Daniel, web.xml is optional. The Java EE Security API spec didn't change that. You can define for example the roles and security constraints for URLs within the web.xml, but also with annotations within code. Regards Rudy
More All Messages By This Member

View All 6 Messages In Topic

#734

Join javaee-security-spec@javaee.groups.io to automatically receive all group messages.

Home Messages Hashtags About Features Pricing Updates Terms Help Twitter