Uploaded image for project: 'EJB 3.0'
  1. EJB 3.0
  2. EJBTHREE-2255

@SecurityDomain has no equivalent for <security-domain/>


    • Icon: Bug Bug
    • Resolution: Obsolete
    • Icon: Major Major
    • None
    • None
    • None
    • None

      Test case attached.

      We have found it useful to turn off the security-domain for certain EJBs so that they can be accessed from unauthenticated clients. We can do this in jboss.xml using <security-domain /> but not, it seems, from an EJB using the @SessionDomain annotation.

      A @SessionDomain( "" ) is simply ignored.

      We're not a big fan of hard-coding security domain names inside EJBs, but it seems fine to be able to say 'this EJB has no security domain at all'. Should the annotation work for this?

            Unassigned Unassigned
            kennardconsulting Richard Kennard (Inactive)
            0 Vote for this issue
            3 Start watching this issue