@RolesAllowed is defined for ejb web service endpoint, but not defined
for servlet web service endpoint.
There may be some issues in the example in this case.
I have forward this email to tutorial team.
Thanks.
Shing Wai Chan
Peter Williams wrote:
> There is a sample in the javaee5tutorial
> (examples/jaxws/helloservice-basicauth) that uses the @RolesAllowed
> annotation in an annotated web service inside a web application. It
> also has a security-role-mapping for the role name defined in
> sun-web.xml.
>
> However, JSR-244 Table EE-6.6 specifies that @RolesAllowed is not
> supported in the web container. Neither JSR-154 or JSR-181 seem to
> discuss this.
>
> So is the example wrong, or is the spec wrong?
>
> If the example works (I haven't confirmed that it does) but the spec
> is correct that this annotation is not supported, does that mean that
> Glassfish has a spec extension that is allowing this to work?
>
> -Peter
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: dev-help_at_glassfish.dev.java.net
>