| Summary: | roles and constraints need to be added after init | ||
|---|---|---|---|
| Product: | [RT] Jetty | Reporter: | Greg Wilkins <gregw> |
| Component: | server | Assignee: | Jan Bartel <janb> |
| Status: | CLOSED FIXED | QA Contact: | |
| Severity: | normal | ||
| Priority: | P3 | CC: | janb, jetty-inbox |
| Version: | 7.1.4 | ||
| Target Milestone: | 7.1.x | ||
| Hardware: | PC | ||
| OS: | Linux | ||
| Whiteboard: | |||
|
Description
Greg Wilkins
is this now dealt with? I see a DeclareRolesAnnotationHandler that looks for DeclareRoles annotations and adds those roles to the constraint security handler so think its resolves... Jan, can you confirm and close or if there is something else missing here expand on it and I'll take care of it There is indeed the @DeclaresRoles annotation method implemented that will add roles to the context that can be tested with isUserInRole() method programmatically. There is also the test-annotation-webapp over on codehaus that exercises this annotation. The @ServletSecurity annotation has also been implemented that is introspected when the Servlet class goes into use. This annotation defines constraints. Note also that all relevant tests from the Glassfish JavaEE6 Samples project have been run against jetty-8: see http://glassfish-samples.java.net/. Fixed for jetty-8. I should have also added that @DeclaresRoles is also implemented for jetty-7. The @ServletSecurity annotation only exists in jetty-8 (as it is servlet 3.0). |