jax-rs-spec
  1. jax-rs-spec
  2. JAX_RS_SPEC-27

Specify mapping of AccessLocalException for EJBs with @RolesAllowed

    Details

    • Type: Bug Bug
    • Status: Open
    • Priority: Minor Minor
    • Resolution: Unresolved
    • Affects Version/s: 2.1
    • Fix Version/s: ice box
    • Component/s: None
    • Labels:
      None
    • Environment:

      Operating System: All
      Platform: Macintosh

    • Issuezilla Id:
      99

      Description

      When @RolesAllowed is declared on an session bean that is also a resource class
      and then the EJB may throw a AccessLocalException if the client is not authorized.

      JAX-RS implementations should map this AccessLocalException to a 401 response.

      Applications will of course need to correctly set up credentials and the sharing
      of those between the web and ejb containers.

      It remains an open issue how a JAX-RS implementation can obtain information to
      return a WWW-Authenticate response header.

        Activity

        Hide
        matthewcornell added a comment -

        Hello folks. I'm new to Java EE and found that the server's returning of 500 vs. 401 to be misleading and confusing. Is this considered a minor issue for developers? Thanks very much. – matt

        Show
        matthewcornell added a comment - Hello folks. I'm new to Java EE and found that the server's returning of 500 vs. 401 to be misleading and confusing. Is this considered a minor issue for developers? Thanks very much. – matt
        Hide
        Marek Potociar added a comment -

        We're waiting for a better common security auth context support in JEE to be able to deal with this in a portable way. Deferring to future release.

        Show
        Marek Potociar added a comment - We're waiting for a better common security auth context support in JEE to be able to deal with this in a portable way. Deferring to future release.

          People

          • Assignee:
            Unassigned
            Reporter:
            sandoz
          • Votes:
            1 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated: