Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: 7.1.2.Final (EAP)
Affects Version/s: 7.1.1.Final
Component/s: EJB, Security
Labels:
None

Git Pull Request:
https://github.com/jbossas/jboss-as/pull/2237

EJB client running on local node can bypass auth by using silet auth. This behaviour should be reviewed whether to be disabled by default.

See comments
https://issues.jboss.org/browse/AS7-4309?focusedCommentId=12679945&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-12679945
https://issues.jboss.org/browse/AS7-4309?focusedCommentId=12679955&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-12679955

clones

EJBCLIENT-36 CLONE - Re-review: EJB client should not have silet auth enabled by default

Resolved

is related to

AS7-4487 Add a <local /> element to the realm authentication definitions.

Resolved

Assignee:: Jaikiran Pai (Inactive)

Reporter:: Radoslav Husar

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2012/03/28 8:43 AM

Updated:: 2022/09/09 6:11 AM

Resolved:: 2012/05/05 3:24 AM