>The @RolesAllowed annotation is not defined by JSR 375 and there was sadly not enough time to better integrate with it or provide a better alternative. Indeed, we should really address this for JSR

Hi Guillermo, Thanks for the explanation, I think I got a little better understanding of how it works. -- Daniel Dias dos Santos Java Developer SouJava & JCP Member GitHub:

Hi Daniel, The @RolesAllowed annotation is not defined by JSR 375 and there was sadly not enough time to better integrate with it or provide a better alternative. For now, @RolesAllowed are only

Hello, Rudy, was what I choosed, but when I use with Jax-RS the same does not work. was what I thought of, but when I use it with Jax-RS it will not work when I remove the web.xml and add the

Hi Daniel, web.xml is optional. The Java EE Security API spec didn't change that. You can define for example the roles and security constraints for URLs within the web.xml, but also with annotations

Hello people, I have a question regarding web.xml. Is it mandatory to use? I have seen some examples that use it and others do not. in https://github.com/eclipse-ee4j/soteria/tree/master/test ,

Hi, Justs heads up that we already have a new mailing list at Eclipse: es-dev@... This list has 41 subscribers while the new one has only 7! Please subscribe there and if you are an Eclipse Commiter

Thanks, all. On 02/21/2018 02:44 PM, Arjan Tijms wrote: -- Will Hopkins | WebLogic Security Architect | +1.781.442.0310Oracle Developer Experience35 Network Drive,

Hi, It's an easy change to swap the test dependency from Closed- to Open Liberty. I incidentally just did the same the other day here:

Seems reasonable!

Hi All, The Soteria project depends (for testing purposes) on IBM's commercial version of Liberty. This is a problem for the Eclipse migration, as Eclipse won't accept contributions not

That is good to know, thanks. Will try it probably on Monday when I get to that demo for security I have to do. Werner

Werner, Workaround from Arjan works, I have used it already some months ago for a demo. Works for any Java EE 7 server which doesn't contain Soteria already. Rudy

If the hints for build-time by Arjan work (deployment in Payara 4 build 174 or above should be fine) I guess that'll do for the client I'm helping with security and identity management right now. For

Will try those in the POM of the dev environment tomorrow. Would be great if it works to show them Soteria in the security PoC, but nevertheless it would be as great if Oracle or someone else could

The project proposal for Soteria should be submitted to the Eclipse Foundation this week. Then it takes a few weeks for Eclipse to vote on and approve the proposal. Then the repository and

Payara 174 has Soteria as well. The war only has to depend on the API, not on Soteria itself. The 1.0 API is available from Maven central: <dependency>

I know but the client currently only uses Payara 174 at most, and the WAR still must be built against a valid Maven repo, no snapshots allowed there. If Payara has public (Final) Maven JARs I could

On Wed, Feb 14, 2018 at 10:23 am, Werner Keil wrote: When I switch the Java EE dependency to Java EE 8, it seems to work, but the container I'm supposed to use is not Java EE 8 compatible yet nor do

All, I just found a very bad bug in Soteria 1.0 as it's out there in MavenCentral since August 2017 ;-/ I can't even set labels like "bug" but it is clearly a major bug and showstopper from using