I will setup a project on GitHub, but I just read an article,
https://docs.wso2.com/display/AS530/Developing+JAX-RS+Applications, that
seemed to say that I need to setup a SecureAnnotationsInterceptor to get
Apache CXF to honor the @Roles allowed annotation. It talks about setting
up a cxf-servlet.xml file with the following configuration:
<bean id="authorizationInterceptor"
class="org.apache.cxf.interceptor.security.SecureAnnotationsInterceptor">
<property name="securedObject" ref="serviceBean"/>
</bean>
<jaxrs:server id="customerService" address="/customers">
<jaxrs:inInterceptors>
<ref bean="authorizationInterceptor"/>
</jaxrs:inInterceptors>
<jaxrs:serviceBeans>
<ref bean="serviceBean"/>
</jaxrs:serviceBeans>
So my question is, where would I set up this configuration in a TOMEE app?
Do I just put it under the WEB-INF of the app, or does it go into one of the
existing files beans.xml, open-ebj-jars.xml? Thanks in advance,
Mark
--
View this message in context:
http://tomee-openejb.979440.n4.nabble.com/restful-web-secruity-for-TOMEE-tp4676451p4676490.html
Sent from the TomEE Users mailing list archive at Nabble.com.
