Uploaded image for project: 'Application Server 3 4 5 and 6'
  1. Application Server 3 4 5 and 6
  2. JBAS-6563

EJB3 container does not honour security annotations

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Obsolete
    • Icon: Major Major
    • No Release
    • JBossAS-4.2.3.GA
    • Security
    • None

    • Sun OS 5.11 snv_79a, Sun jdk 1.6, JBoss 4.2.3 for JDK 1.6, Eclipse Ganymede

      Hello,

      I'm using the following code as a testcase for EJB3-WS security.

      package demo;

      import javax.annotation.security.RolesAllowed;
      import javax.annotation.security.DenyAll;
      import javax.ejb.Stateless;
      import javax.jws.WebService;

      @WebService
      @Stateless
      //@RolesAllowed ("Person")
      public class HelloBean3 {
      public HelloBean3() {
      }

      @DenyAll
      public String sayHello()

      { return "EJB3x: Hello my callee!"; }

      }

      unfortunately when it's deployed to the JBoss 4.2.3 AS, it does not deny any requests to sayHello operation, but runs them happily. I'm using web service client developed in Eclipse using Axis:

      package demo;

      public class Main {
      public static void main(String[] args) throws Exception

      { // TODO Auto-generated method stub HelloBean3ServiceLocator loc = new HelloBean3ServiceLocator(); HelloBean3 hello = loc.getHelloBean3Port(); System.out.println("service tells me: `" + hello.sayHello() + "'"); }

      }

              anil.saldhana Anil Saldanha (Inactive)
              kcg_jira Karel Gardas (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Created:
                Updated:
                Resolved: