geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Jencks (JIRA)" <...@geronimo.apache.org>
Subject [jira] Closed: (GERONIMO-648) EJB web services need user data permissions too
Date Tue, 17 May 2005 00:32:05 GMT
     [ http://issues.apache.org/jira/browse/GERONIMO-648?page=all ]
     
David Jencks closed GERONIMO-648:
---------------------------------

     Resolution: Fixed
    Fix Version: 1.0-M4

Implemented in rev 170494 and in openejb.  I didn't use UserDataPermissions or a JACC-like
approach but just checked the transport and login status directly.

> EJB web services need user data permissions too
> -----------------------------------------------
>
>          Key: GERONIMO-648
>          URL: http://issues.apache.org/jira/browse/GERONIMO-648
>      Project: Geronimo
>         Type: Bug
>   Components: webservices
>     Versions: 1.0-M3
>     Reporter: David Jencks
>     Assignee: David Jencks
>      Fix For: 1.0-M4

>
> Since ejb web services are not part of a web application, they don't get the user data
permissions that a web app does.  Therefore there is no way to specify that ssl/tls or a client
certificate is needed.  Also there is no way to specify how to login.  We can add a section
to the openejb plan that specifies transport-guarantee and authentication-method just like
for a web app.  We might want to consider bringing this up with the appropriate spec committee.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message