geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Jencks (JIRA)" <>
Subject [jira] Closed: (GERONIMO-648) EJB web services need user data permissions too
Date Tue, 17 May 2005 00:32:05 GMT
     [ ]
David Jencks closed GERONIMO-648:

     Resolution: Fixed
    Fix Version: 1.0-M4

Implemented in rev 170494 and in openejb.  I didn't use UserDataPermissions or a JACC-like
approach but just checked the transport and login status directly.

> EJB web services need user data permissions too
> -----------------------------------------------
>          Key: GERONIMO-648
>          URL:
>      Project: Geronimo
>         Type: Bug
>   Components: webservices
>     Versions: 1.0-M3
>     Reporter: David Jencks
>     Assignee: David Jencks
>      Fix For: 1.0-M4

> Since ejb web services are not part of a web application, they don't get the user data
permissions that a web app does.  Therefore there is no way to specify that ssl/tls or a client
certificate is needed.  Also there is no way to specify how to login.  We can add a section
to the openejb plan that specifies transport-guarantee and authentication-method just like
for a web app.  We might want to consider bringing this up with the appropriate spec committee.

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators:
For more information on JIRA, see:

View raw message