Why doesn't @RolesAllowed of JAAS work i.e. why there is no exception when an unauthorized websocket request comes to the server. If the same request is an ajax request it works perfectly!
I am using grizzly websockets and glassfish server.
Asked
Active
Viewed 149 times
1 Answers
0
In Glassfish3 WebSocket requests come to user WebSocketApplication directly bypassing web container. I think this is the reason why @RolesAllowed is ignored. You can try Glassfish4 + standard WebSocket API, I think @RolesAllowed should work there.
alexey
- 1,959
- 10
- 9