Hi John Try
@Context SecurityContext sc as a parameter in your method and then sc.isUsertInRole()... The other option is to experiment with Acegi (Spring Security), as far as applying permissions to individual methods - I haven't tried myself. I think JAX-RS will support some explicit EE security annotations too at some time Cheers, Sergey
Hello, Is there any way to use annotations to apply roles to methods in a Webservice or REST call? I'd like to be able to configure an application to let users within one group access a set of methods that another set of users can not access. Is there a way to get the HttpRequest object from a method? Thanks, John Baker -- Web SSO IT Infrastructure Deutsche Bank London URL: http://websso.cto.gt.intranet.db.com --- This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and delete this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden. Please refer to http://www.db.com/en/content/eu_disclosures.htm for additional EU corporate and regulatory disclosures.
---------------------------- IONA Technologies PLC (registered in Ireland) Registered Number: 171387 Registered Address: The IONA Building, Shelbourne Road, Dublin 4, Ireland
