User Tools

Site Tools


java_web_authentication

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
java_web_authentication [2013/11/22 13:50]
mihael
java_web_authentication [2013/11/22 15:18] (current)
mihael
Line 64: Line 64:
  
 <note important>​If no security roles are declared either via annotations or via web.xml entries then the call to ''​isUserInRole(role)''​ will always return ''​false''​.</​note>​ <note important>​If no security roles are declared either via annotations or via web.xml entries then the call to ''​isUserInRole(role)''​ will always return ''​false''​.</​note>​
 +
 +<note important>​The entries in the //web.xml// are only used in auth for servlet based resource, like plain servlet or REST web services which are based on servlets. Auth for EJBs should put the entries in ejb-jar.xml or use that annotation //​@DeclareRoles//​.</​note>​
  
 ==== Check Role ==== ==== Check Role ====
Line 112: Line 114:
  
 Glassfish needs explicitly a mapping **for each** used role name. Other application servers may behave differently and may assume that the names are identical if not stated otherwise. Glassfish needs explicitly a mapping **for each** used role name. Other application servers may behave differently and may assume that the names are identical if not stated otherwise.
 +
 +===== Links =====
 +  * [[https://​java.net/​jira/​browse/​JAVAEE_SPEC-20 | Standardize group to role mapping]]
java_web_authentication.1385128232.txt.gz ยท Last modified: 2013/11/22 13:50 by mihael