Announcement Announcement Module
No announcement yet.
Security annotations in a J2EE 1.4 environment Page Title Module
Move Remove Collapse
This topic is closed
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • Security annotations in a J2EE 1.4 environment

    I just got bitten. I used the JSR-250 @RolesAllowed annotation for method-level security. I tried running it in a J2EE 1.4 app server and it blew-up.

    The docs on this page say:

    If you are using Java 5 or greater, then support for JSR-250 security annotations is provided, as well as the framework's native @Secured annotation.
    According to the introduction to J2EE1.5 JSR-250 was implemented with EJB3.0, which comes with J2EE1.5, not JDK1.5 (Java 5).

    Do the @Secured annotations work in a J2EE1.4 environment on JDK1.5? I need to find an alternative to @RolesAllowed.

  • #2
    How did you get what error did you get? If you are missing @RolesAllowed, you can add jsr250-api to your classpath. You do not need to rely on EJB with Spring Security. Instead, Spring is your container and it will secure the objects it creates. If you are not using Spring to create the objects you want to secure you will likely need to use AspectJ. In short, you should be able to use @RolesAllowed or @Secured with Spring Security, Java 1.5, and J2EE 1.4.


    • #3
      aha! jsr250-api.jar wasn't being bundled into the war. I think this might do it. Thanks!