2010/5/28 Paul Sandoz <Paul.Sandoz_at_sun.com>:
> Hi,
>
> This is missing from the Jersey/EJB/Servlet integration (and also from the
> JAX-RS spec). Can you log an issue?
>
> As a workaround you can register your own impl of
> ExceptionMapper<AccessLocalException> to map an AccessLocalException to a
> 401 response. However, i am not sure what the WWW-Authenticate response
> header should be as Jersey may not be able to access the information as to
> how the servlet security was configured.
>
> Paul.
Does it mean that JAX-RS as a session bean is not fully specified in
the 'security' area, or is it just not yet implemented?
Regards,
Witold Szczerba