geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ivan (JIRA)" <j...@apache.org>
Subject [jira] Created: (GERONIMO-4669) EJ B security does not work correctly when no permssion is set and the user does a login
Date Wed, 03 Jun 2009 06:16:07 GMT
EJ B security does not work correctly when no permssion is set and the user does a login
----------------------------------------------------------------------------------------

                 Key: GERONIMO-4669
                 URL: https://issues.apache.org/jira/browse/GERONIMO-4669
             Project: Geronimo
          Issue Type: Bug
      Security Level: public (Regular issues)
          Components: OpenEJB
    Affects Versions: 2.2
            Reporter: Ivan
            Assignee: Ivan
             Fix For: 2.2


Currently, if in the ejb-jar.xml file, not method-permission exists, we will not create a
JACC Manager. But the securityEnabled is always set to true, so while the user login in, then
the access is denied. In the past versions, we always create a JACC Manager even if no method
permisson is set, and in it, all the method invocation permissions are granted. This issue
blocked some EJB TCK testcases, I think.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message