What happens if you put the @RolesAllowed("admin") annotation on the methods
instead of the bean class?On Fri, Sep 10, 2010 at 7:38 PM, Faw <[email protected]> wrote: > > > Ivan Xu wrote: > > > > There is a test case for ejb security web service sample, please refer to > > > https://svn.apache.org/repos/asf/geronimo/server/branches/2.2/testsuite/webservices-testsuite/jaxws-tests/jaxws-ejb-sec > > > > Ivan > > > > I was able to create a secure webservice using the sample. Thanks for the > help. The only problem I have now is that it is securing every method, the > "http-method" items aren't working. I wanted the WSDL visible (GET) while > keeping the actual requests (POST) secured. Is not really that big of a > deal, just an annoyance. This is my config: > > <ejb:web-service-security> > <ejb:security-realm-name>geronimo-admin</ejb:security-realm-name> > <ejb:transport-guarantee>NONE</ejb:transport-guarantee> > <ejb:auth-method>BASIC</ejb:auth-method> > <ejb:http-method>POST</ejb:http-method> > <ejb:http-method>PUT</ejb:http-method> > </ejb:web-service-security> > -- > View this message in context: > http://apache-geronimo.328035.n3.nabble.com/Secure-WebService-with-BASIC-Authentication-tp1354513p1452593.html > Sent from the Users mailing list archive at Nabble.com. > -- Vamsi
