Autenticazione senza ruolo in web.xml in JBoss AS 7

Question

Per un'applicazione aziendale RESTful ho bisogno di tutte le chiamate per essere autenticate, ma non posso fornire un gruppo/comune comune a tutti gli utenti del sistema. Autenticarsi e autorizzare su LDAP (che non dovrebbe fare la differenza per questo problema).

Se lascio gli elementi commentati come nel web.xml qui sotto, non ottengo alcun tipo di autenticazione. Come posso avere l'autenticazione senza la necessità di un ruolo comune? Inoltre, un autoconfigurazione vuota non funziona.

<?xml version="1.0" encoding="UTF-8"?> 
<web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" 
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
    xsi:schemaLocation=" http://java.sun.com/xml/ns/javaee  http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"> 
    <context-param> 
     <!-- fpe: This one is necessary. --> 
     <param-name>resteasy.role.based.security</param-name> 
     <param-value>true</param-value> 
    </context-param> 
    <security-constraint> 
     <web-resource-collection> 
      <web-resource-name>Resteasy</web-resource-name> 
      <url-pattern>/*</url-pattern> 
      <http-method>GET</http-method> 
      <http-method>POST</http-method> 
      <http-method>PUT</http-method> 
      <http-method>DELETE</http-method> 
     </web-resource-collection> 
<!--  <auth-constraint> --> 
<!--   <role-name>*</role-name> --> 
<!--  </auth-constraint> --> 
     <user-data-constraint> 
      <transport-guarantee>CONFIDENTIAL</transport-guarantee> 
     </user-data-constraint> 
    </security-constraint> 
    <login-config> 
     <auth-method>BASIC</auth-method> 
     <realm-name>Login</realm-name> 
    </login-config> 
<!-- <security-role> --> 
<!--  <role-name>the_common_role</role-name> --> 
<!-- </security-role> --> 
</web-app> 

Utilizzando l'* fa correttamente il trucco:

<?xml version="1.0" encoding="UTF-8"?> 
<web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" 
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
    xsi:schemaLocation=" http://java.sun.com/xml/ns/javaee  http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"> 
    <context-param> 
     <!-- fpe: This one is necessary. --> 
     <param-name>resteasy.role.based.security</param-name> 
     <param-value>true</param-value> 
    </context-param> 
    <security-constraint> 
     <web-resource-collection> 
      <web-resource-name>Resteasy</web-resource-name> 
      <url-pattern>/*</url-pattern> 
      <http-method>GET</http-method> 
      <http-method>POST</http-method> 
      <http-method>PUT</http-method> 
      <http-method>DELETE</http-method> 
     </web-resource-collection> 
     <auth-constraint> 
      <role-name>*</role-name> 
     </auth-constraint> 
     <user-data-constraint> 
      <transport-guarantee>CONFIDENTIAL</transport-guarantee> 
     </user-data-constraint> 
    </security-constraint> 
    <login-config> 
     <auth-method>BASIC</auth-method> 
     <realm-name>Login</realm-name> 
    </login-config> 
    <security-role> 
     <role-name>*</role-name> 
    </security-role> 
</web-app> 

Answer 1

risposta allegata nella domanda.