Comment 1 Greg Wilkins 2011-02-22 23:52:31 EST

is this now dealt with?

Comment 2 Jesse McConnell 2011-05-11 12:24:44 EDT

I see a DeclareRolesAnnotationHandler that looks for DeclareRoles annotations and adds those roles to the constraint security handler so think its resolves...

Jan, can you confirm and close or if there is something else missing here expand on it and I'll take care of it

Comment 3 Jan Bartel 2011-06-30 23:26:16 EDT

There is indeed the @DeclaresRoles annotation method implemented that will add roles to the context that can be tested with isUserInRole() method programmatically. There is also the test-annotation-webapp over on codehaus that exercises this annotation.

The @ServletSecurity annotation has also been implemented that is introspected when the Servlet class goes into use. This annotation defines constraints.

Note also that all relevant tests from the Glassfish JavaEE6 Samples project have been run against jetty-8: see http://glassfish-samples.java.net/.

Comment 4 Jan Bartel 2011-06-30 23:27:21 EDT

Fixed for jetty-8.

Comment 5 Jan Bartel 2011-06-30 23:29:53 EDT

I should have also added that @DeclaresRoles is also implemented for jetty-7. The @ServletSecurity annotation only exists in jetty-8 (as it is servlet 3.0).