Not sure i got you, you mean runas doesn't respect @RoleAllowed? *Romain Manni-Bucau* *Twitter: @rmannibucau <https://twitter.com/rmannibucau>* *Blog: **http://rmannibucau.wordpress.com/*<http://rmannibucau.wordpress.com/> *LinkedIn: **http://fr.linkedin.com/in/rmannibucau* *Github: https://github.com/rmannibucau*
2013/6/11 hwaastad <[email protected]> > Hi, > the user gets the correct role after login (SuperAdmin) > > Then the user calls the bordercontroller.sayhelloborder. > > The bordercontroller has @RunAs("InternalGroup") and the method > sayhelloborder > has @RolesAllowed("SuperAdmin") > > If I remove @rolesallowed, output is: > > ViewController Start > ViewController: User is in SuperAdmin > ViewController: Calling BorderController. Principal Name: admin > BorderControl:Start > BorderControl: User is in InternalGroup > BorderControl:Calling Businessbean. Principal Name: admin > > It seems that the runas override also overrides the methods access (if you > see what I mean) > > No, I've only added the Realm to the application context.xml. > I can se by logging that the JAAS authentication is working fine. > > br hw > > > > > > > > -- > View this message in context: > http://openejb.979440.n4.nabble.com/Tomee-and-security-role-mapping-tp4663567p4663659.html > Sent from the OpenEJB User mailing list archive at Nabble.com. >
