Uploaded image for project: 'Application Server 3 4 5 and 6'
  1. Application Server 3 4 5 and 6
  2. JBAS-5960

EJB2: Lack of security domain in JBoss DD does not bypass security

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Done
    • Icon: Major Major
    • JBossAS-5.0.0.GA
    • JBossAS-5.0.0.CR1
    • EJB2
    • None
    • Medium
    • 0
    • 0% 0%

      Currently, if there is no security domain defined for a deployment, we bypass security with a fat WARN message. But if there is presence of security meta data for the deployment (EJB2 method perms in ejb-jar.xml), there is an expectation of security enforcement. In this case, we need to default the security domain to "other".

            mmoyses Marcus Moyses (Inactive)
            anil.saldhana Anil Saldanha (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved: