Uploaded image for project: 'JBoss Metadata'
  1. JBoss Metadata
  2. JBMETA-152

@RolesAllowed in hierarchy are additive, should be overridden

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Major
    • 1.0.0.CR11
    • 1.0.0.CR9
    • None
    • None

    Description

      EJB3 Core Specification 17.3.2.1:

      "If a method M of class S overrides a business method defined by a superclass of S, the method
      permissions value of M is determined by the above rules as applied to class S."

      As it stands, the following construct:

      public class SecureServiceBeanBase implements SecureService
      {
      @RolesAllowed(SecureService.ROLES_BEAN_BASE)
      public void someMethod()

      { return; }

      }

      @Stateless
      @Local(SecureService.class)
      public class SecureServiceBean extends SecureServiceBeanBase implements SecureService
      {
      @Override
      @RolesAllowed(SecureService.ROLES_EJB)
      public void someMethod()
      { return; }

      }

      ...results in two method permissions for "someMethod".

      Attachments

        Issue Links

          is related to

          Bug - A problem that impairs or prevents the functions of the product. JBMETA-207 NullPointerException during deployment of EJB3 methods with zero parameters

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Resolved

          Activity

            People

              arubinge@redhat.com Andrew Rubinger (Inactive)
              arubinge@redhat.com Andrew Rubinger (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: