geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Jencks (JIRA)" <j...@apache.org>
Subject [jira] Closed: (GERONIMO-4521) ejb apps with spec security constraints should only deploy if there are corresponding geronimo security constraints, as with web apps
Date Fri, 23 Jan 2009 00:57:59 GMT

     [ https://issues.apache.org/jira/browse/GERONIMO-4521?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

David Jencks closed GERONIMO-4521.
----------------------------------

    Resolution: Fixed

trunk rev 736874
branches/2.1 rev 736877

> ejb apps with spec security constraints should only deploy if there are corresponding
geronimo security constraints, as with web apps
> -------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: GERONIMO-4521
>                 URL: https://issues.apache.org/jira/browse/GERONIMO-4521
>             Project: Geronimo
>          Issue Type: Improvement
>      Security Level: public(Regular issues) 
>          Components: deployment, OpenEJB
>    Affects Versions: 2.1.3, 2.1.4, 2.2
>            Reporter: David Jencks
>            Assignee: David Jencks
>             Fix For: 2.1.4, 2.2
>
>
> for quite a while we have only allowed you to deploy a web app with security constraints
if you also supply a geronimo security configuration; otherwise you get no security constraints
at all.  We should be doing the same for ejb apps.  While this may be inconvenient for those
who want to try deploying an app without completing the configuration, the alternative is
to give the impression that the deployed app is enforcing the security constraints -- which
it is not.
> I suppose an alternative might be to figure out a way to deploy and just forbid access
to any resources that are constrained.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message