Hi
On 28/10/13 21:02, Winnebeck, Jason wrote:
I have enabled the SecureAnnotationsInterceptor to observe JSR-250 annotations on my
service bean, and everything is working properly, except that it is no longer possible to
view the WADL. I can view services page, WSDL, and all REST service URLs as expected but
not ?_wadl page. Instead, the interceptor rejects the request with a
"AccessDeniedException: Method is not available : Unauthorized" exception.
I'm using Spring security and its DelegatingFilterProxy to actually perform the
authentication via HTTP basic.
When using this interceptor, how do I control access to the service listing,
WSDL, and WADL?
SecureAnnotationsInterceptor is at the PRE_INVOKE stage, so I wonder how
the call reaches it when WADL is requested, given that
JAXRSInInterceptor which runs a WADL filter is at the earlier UNMARSHAL
stage.
SecureAnnotationsInterceptor definitely recognizes that a security
context is set (by Spring security in your case) but I'm a bit confused
why this issue is occurring for you
Can you give a bit more info please
Sergey
Jason Winnebeck
----------------------------------------------------------------------
This email message and any attachments are for the sole use of the intended
recipient(s). Any unauthorized review, use, disclosure or distribution is
prohibited. If you are not the intended recipient, please contact the sender by
reply email and destroy all copies of the original message and any attachments.
