Hi! There is good tutorial Basic Authentication with JAX-WS
But it describe deployment description for web based application (war). Is it passable describe in ejb jar deployment description ?
For web.xml
<security-constraint>
<display-name>SecurityConstraint</display-name>
<web-resource-collection>
<web-resource-name>WRCollection</web-resource-name>
<url-pattern>/hello</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>TutorialUser</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-constraint>BASIC</auth-constraint>
<realm-name>file</realm-name>
</login-config>
<security-role>
<role-name>TutorialUser</role-name>
</security-role>
I found out description of security rules by annotation -
Security Annotations and Authorization in GlassFish and the Java EE 5 SDK
But is this is enough ?
Than you!