Looks like only web.xml matters security-constraint> | <web-resource-collection> | <web-resource-name>Server service</web-resource-name> | <url-pattern>/*</url-pattern> | <http-method>POST</http-method> | </web-resource-collection> | <auth-constraint> | <role-name>testuser</role-name> | </auth-constraint> | </security-constraint> and @RolesAllowed annotation does no effect
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4105030#4105030 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4105030 _______________________________________________ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user