JSR250

Using JSR-250 security annotation to restrict access to resources

Using of JSR-250 security annotations

EverRest supports following security annotations @RolesAllowed, @PermitAll, @DenyAll. This feature is turned on by default. You can disable it by setting org.everrest.security context parameter to false in web.xml file.

<context-param>
   <param-name>org.everrest.security</param-name>
   <param-value>false</param-value>
</context-param>

Usage:

@Path("a")
public class MyResource
{
   @DenyAll
   @GET
   @Path("b")
   public void denyAll()
   {
   ...
   }

   @RolesAllowed({"admins"})
   @GET
   @Path("c")
   public void adminsOnly()
   {
   ...
   }
}

Method denyAll in MyResource not allowed to call for anybody, method adminsOnly allowed to call only for users in admins role.

User's guide
- Overview
- Resources
- Message body readers and writers
- Exception Handling
- Dependency resolving
- Security
  - JSR-250
- Testing
Extensions
Integration
- Servlets
- Guice

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

JSR250

Using of JSR-250 security annotations

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Clone this wiki locally