At a glance this looks correct... Try checking out jboss from cvs and building that, and then the testsuite. Have a look at aoptest.sar...
Actually revisiting this I see that we do | <prepare expr="all(org.jboss.test.aop.bean.SecuredPOJO)"/> | | <metadata tag="security" class="org.jboss.test.aop.bean.SecuredPOJO"> | .... | i.e. we "prepare" AND apply metadata to the class we want to secure. I can't remember off the top of my head if this "prepare" is a requirement or not, but try: | <?xml version="1.0" encoding="UTF-8"?> | <!DOCTYPE aop PUBLIC | "-//JBoss//DTD JBOSS AOP 1.0//EN" | "http://www.jboss.org/aop/dtd/jboss-aop_1_0.dtd"> | | <aop> | <prepare expr="all(security.TransferFunds)"/> | <metadata tag="security" class="security.TransferFunds"> | <security-domain>java:/jaas/other</security-domain> | <run-as>admin</run-as> | <method-permission> | <role-name>rolB</role-name> | <method> | <method-name>withdrawAll</method-name> | </method> | </method-permission> | <method-permission> | <role-name>rolA</role-name> | <method> | <method-name>deposit</method-name> | </method> | </method-permission> | </metadata> | </aop> | HTH View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4009761#4009761 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4009761 _______________________________________________ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user