I'm sorry, it's a lack of the docs...
Please use the SecurityContext from a jaxrs package
javax.ws.rs.core
Hope it will work
Cheers, Sergey
----- Original Message -----
From: "John-M Baker" <[EMAIL PROTECTED]>
To: <[email protected]>
Cc: <[email protected]>
Sent: Wednesday, June 18, 2008 10:13 AM
Subject: Re: Roles and permissions
Sergey,
Using @Context SecurityContext sc didn't work:
Caused by: com.sun.xml.bind.v2.runtime.IllegalAnnotationsException: 2
counts of IllegalAnnotationExceptions
org.apache.cxf.security.SecurityContext is an interface, and JAXB can't
handle interfaces.
this problem is related to the following location:
at org.apache.cxf.security.SecurityContext
at private org.apache.cxf.security.SecurityContext
com.db.websso.integration.services.jaxws_asm.GetApplicationConfiguration.arg1
at
com.db.websso.integration.services.jaxws_asm.GetApplicationConfiguration
org.apache.cxf.security.SecurityContext does not have a no-arg default
constructor.
this problem is related to the following location:
at org.apache.cxf.security.SecurityContext
at private org.apache.cxf.security.SecurityContext
com.db.websso.integration.services.jaxws_asm.GetApplicationConfiguration.arg1
at
com.db.websso.integration.services.jaxws_asm.GetApplicationConfiguration
And the SecurityContextImpl didn't work either:
Caused by: com.sun.xml.bind.v2.runtime.IllegalAnnotationsException: 1
counts of IllegalAnnotationExceptions
org.apache.cxf.jaxrs.provider.SecurityContextImpl does not have a no-arg
default constructor.
this problem is related to the following location:
at org.apache.cxf.jaxrs.provider.SecurityContextImpl
at private org.apache.cxf.jaxrs.provider.SecurityContextImpl
com.db.websso.integration.services.jaxws_asm.GetApplicationConfiguration.arg1
at
com.db.websso.integration.services.jaxws_asm.GetApplicationConfiguration
Any thoughts?
John Baker
--
Web SSO
IT Infrastructure
Deutsche Bank London
URL: http://websso.cto.gt.intranet.db.com
"Sergey Beryozkin" <[EMAIL PROTECTED]>
17/06/2008 16:04
Please respond to
[email protected]
To
<[email protected]>
cc
Subject
Re: Roles and permissions
Hi John
Try
@Context SecurityContext sc
as a parameter in your method
and then sc.isUsertInRole()...
The other option is to experiment with Acegi (Spring Security), as far as
applying permissions to individual methods - I haven't
tried myself. I think JAX-RS will support some explicit EE security
annotations too at some time
Cheers, Sergey
Hello,
Is there any way to use annotations to apply roles to methods in a
Webservice or REST call? I'd like to be able to configure an
application
to let users within one group access a set of methods that another set
of
users can not access.
Is there a way to get the HttpRequest object from a method?
Thanks,
John Baker
--
Web SSO
IT Infrastructure
Deutsche Bank London
URL: http://websso.cto.gt.intranet.db.com
---
This e-mail may contain confidential and/or privileged information. If
you are not the intended recipient (or have received this
e-mail in error) please notify the sender immediately and delete this
e-mail. Any unauthorized copying, disclosure or distribution
of the material in this e-mail is strictly forbidden.
Please refer to http://www.db.com/en/content/eu_disclosures.htm for
additional EU corporate and regulatory disclosures.
----------------------------
IONA Technologies PLC (registered in Ireland)
Registered Number: 171387
Registered Address: The IONA Building, Shelbourne Road, Dublin 4, Ireland
---
This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this
e-mail in error) please notify the sender immediately and delete this e-mail. Any unauthorized copying, disclosure or distribution
of the material in this e-mail is strictly forbidden.
Please refer to http://www.db.com/en/content/eu_disclosures.htm for additional EU corporate and regulatory disclosures.
----------------------------
IONA Technologies PLC (registered in Ireland)
Registered Number: 171387
Registered Address: The IONA Building, Shelbourne Road, Dublin 4, Ireland