Hi,
I cannot override security annotations in OpenEJB3 (the same concerns
OpenEJB3.1). In the following example I cannot call createStudent with role
SysAdmin. When I remove security annotation I can call createStudent only with
role SysAdmin. That means that I can set method permissions in ejb-jar.xml but
not override them.
--LOG--
INFO: The transaction has been marked rollback only because the bean
encountered a non-application exception :javax.ejb.EJBAccessException :
Unauthorized Access by Principal Denied
--LOG--
Is something wrong with my code or with OpenEjb? Can you help me to solve this
problem?
I use OpenEjb for unit testing. Application is deployed on Glassfish server and
method permissions are correctly set there.
--EJB--
@RolesAllowed({"StudentAdmin"})
public void createStudent....
--sun-ejb.jar--
<assembly-descriptor>
<security-role>
<role-name>SysAdmin</role-name>
</security-role>
<method-permission>
<role-name>SysAdmin</role-name>
<method>
<ejb-name>StudentEndpoint</ejb-name>
<method-name>createStudent</method-name>
</method>
</method-permission>
Thanks in advance
--
Marcin Kwapisz
Division of Computer Networks
Technical Univeristy of Lodz, Poland
