What does your web.xml look like? -Brian
> On Aug 6, 2014, at 10:20 PM, Debashis Ghosh <[email protected]> wrote: > > Thanks for your response Brian. > I made the required changes in shiro.ini as below > > [users] > root = secret, admin > guest = guest, guest > [roles] > admin = * > > [urls] > /** = rest > > I double checked the web.xml and it has the shiro listener configuration as > mentioned by you. > > But the following code still can be accessed without any user pwd > > @Path("/MyResource") > @RequiresRoles("admin") > public class MyResource { > > @GET > @Produces(MediaType.APPLICATION_JSON) > public Response getMyResource() { > return Response.status(Status.OK).entity("Here is my > resource").build(); > } > } > > > > > > -- > View this message in context: > http://shiro-user.582556.n2.nabble.com/rest-glassfish4-shiro-enabled-working-sample-tp7580135p7580137.html > Sent from the Shiro User mailing list archive at Nabble.com.
