Thanks.  As a follow up, I'd like to request a bearer token but limit the
Roles identified in the bearer token.  I'm looking
at org.jboss.resteasy.example.oauth.ProductDatabaseClient.  Would it be
right to look that the Access Token Scope to try and accomplish this.  What
I'm trying to do is have a set of REST services protected using the
@RolesAllowed and a less sensitive role.  Even though the Resource Owner
may have access to more sensitive roles, I don't wan the bearer token being
given to the client to have all of these roles.  I'm working my way through
org.jboss.resteasy.skeleton.key.servlet.ServletOAuthClient and mapping to
the OAuth2 spec, but would welcome any guidance pointing me in the right

Precog is a next-generation analytics platform capable of advanced
analytics on semi-structured data. The platform includes APIs for building
apps and a phenomenal toolset for data science. Developers can use
our toolset for easy data analysis & visualization. Get a free account!
Resteasy-users mailing list

Reply via email to