Uploaded image for project: 'PicketBox '
  1. PicketBox
  2. SECURITY-878

Container-provided security role "**" (EJB 3.2) not working

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved (View Workflow)
    • Priority: Major
    • Resolution: Done
    • Affects Version/s: PicketBox_4_0_21.Final
    • Fix Version/s: PicketBox_4_9_0.Final
    • Component/s: None
    • Labels:
      None

      Description

      EJB 3.2 12.3.1 Security Roles:

      A security role with the name “**” is defined by the Container, and is intended to be used by the Bean
      Provider, Application Assembler, or Deployer to indicate that the caller must log on or authenticate to
      invoke a method or to perform some processing requiring membership in this container role. This con-
      tainer security role indicates that authentication, without consideration of role membership, is required.

      This doesn't seem to work in WildFly 9.0.0.Beta1. An authenticated user trying to invoke methods annotated @PermitAll("**") gets an EJBAccessException.
      I started preparing tests for this behavior at https://github.com/jmartisk/wildfly/commits/master-ejb32tests-starrole

      It causes failures in:
      InherritanceAnnSFSBTestCase.testSingleMethodAnnotationsUser1
      InherritanceAnnSLSBTestCase.testSingleMethodAnnotationsUser1
      InjectionAnnSFSBtoSFSBTestCase.testSingleMethodAnnotationsUser1
      InjectionAnnSFSBtoSLSBTestCase.testSingleMethodAnnotationsUser1
      InjectionAnnSLSBtoSFSBTestCase.testSingleMethodAnnotationsUser1
      InjectionAnnSLSBtoSLSBTestCase.testSingleMethodAnnotationsUser1
      SingleMethodsAnnSFSBTestCase.testSingleMethodAnnotationsUser1
      SingleMethodsAnnSLSBTestCase.testSingleMethodAnnotationsUser1

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              sguilhen Stefan Guilhen
              Reporter:
              jmartisk Jan Martiska
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: