AppServer:
Sun Java System Application Server Platform Edition 9.0_01 (build b02-p01)
Two questions, the easy one first:
Aren't the RolesAllowed defined in my EJB interface suppose to propagate to my EJB implementation?
Second:
I have an enterprise application which contains EJB and web projects.
I'm trying to get the roles, configured in [sun-]application.xml, working in my EJB project. Authentication is done in the web project using BASIC and authorization is properly working using security constraints in my web.xml.
My controllers (Spring) are calling a local EJB, but I am receiving the following exception, even when I'm in the required role:
javax.ejb.AccessLocalException: Client not authorized for this invocation.
[Message sent by forum member 'jeffreyrodriguez' (jeffreyrodriguez)]
http://forums.java.net/jive/thread.jspa?messageID=217752