You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomee.apache.org by Krzysztof Śmigrodzki <ks...@gmail.com> on 2014/02/15 15:25:49 UTC

Re: @RolesAllowed("company")

I'm sorry for resurrecting 2 month old thread, but yesterday I've been bitten
by same problem as original poster.

How do I make use of AuthorizationRequestHandler that gmatej wrote? What
incantations should I put in which configurations files. I'm using TomEE
1.6.0.



--
View this message in context: http://openejb.979440.n4.nabble.com/RolesAllowed-company-tp4666887p4667833.html
Sent from the OpenEJB User mailing list archive at Nabble.com.

Re: @RolesAllowed("company")

Posted by Krzysztof Smigrodzki <ks...@gmail.com>.

OK, I've found it out by myself.

The missing part was configuration of CXF, I've placed this content into
WEB-INF/openejb-jar.xml file:
<openejb-jar xmlns="http://www.openejb.org/openejb-jar/1.1">
    <pojo-deployment class-name="jaxrs-application">
        <properties>
            cxf.jaxrs.providers =
json,jaxb,pl.gov.mofnet.giif.auth.handlers.AuthorizationRequestHandler
        </properties>
    </pojo-deployment>
</openejb-jar>

AuthorizationRequestHandler is my copy of gmatej's class. With settings in
place REST service returns status 401 if user invoking it is recognized,
but does not have required roles.

Re: @RolesAllowed("company")

Posted by Krzysztof Smigrodzki <ks...@gmail.com>.

Testing it with 1.6.1-SNAPSHOTS is no use, as I do not know how to plug
AuthorizationRequestHandler into application.

Without this handler, REST service returns status 401 if username does not
match password, but it returns status 500 if log in with user who is
recognized, but does not have role needed for running service.


2014-02-15 16:48 GMT+01:00 Romain Manni-Bucau <rm...@gmail.com>:

> Hi
>
> Test 1.6.1 snapshot please as said in the last message
> Le 15 févr. 2014 15:42, "Krzysztof Śmigrodzki" <ks...@gmail.com> a
> écrit :
>
> > I'm sorry for resurrecting 2 month old thread, but yesterday I've been
> > bitten
> > by same problem as original poster.
> >
> > How do I make use of AuthorizationRequestHandler that gmatej wrote? What
> > incantations should I put in which configurations files. I'm using TomEE
> > 1.6.0.
> >
> >
> >
> > --
> > View this message in context:
> >
> http://openejb.979440.n4.nabble.com/RolesAllowed-company-tp4666887p4667833.html
> > Sent from the OpenEJB User mailing list archive at Nabble.com.
> >
>

Re: @RolesAllowed("company")

Posted by Romain Manni-Bucau <rm...@gmail.com>.

Hi

Test 1.6.1 snapshot please as said in the last message
Le 15 févr. 2014 15:42, "Krzysztof Śmigrodzki" <ks...@gmail.com> a
écrit :

> I'm sorry for resurrecting 2 month old thread, but yesterday I've been
> bitten
> by same problem as original poster.
>
> How do I make use of AuthorizationRequestHandler that gmatej wrote? What
> incantations should I put in which configurations files. I'm using TomEE
> 1.6.0.
>
>
>
> --
> View this message in context:
> http://openejb.979440.n4.nabble.com/RolesAllowed-company-tp4666887p4667833.html
> Sent from the OpenEJB User mailing list archive at Nabble.com.
>