[jboss-cvs] JBossAS SVN: r67528 - trunk/server/src/main/org/jboss/ejb/plugins.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Tue Nov 27 20:02:48 EST 2007
Author: anil.saldhana at jboss.com
Date: 2007-11-27 20:02:48 -0500 (Tue, 27 Nov 2007)
New Revision: 67528
Modified:
trunk/server/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java
Log:
JBAS-5011: fall back to unauthenticated principal in the absence of an explicit run as principal in jboss.xml
Modified: trunk/server/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java 2007-11-28 00:07:00 UTC (rev 67527)
+++ trunk/server/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java 2007-11-28 01:02:48 UTC (rev 67528)
@@ -136,6 +136,10 @@
{
String roleName = secMetaData.getRunAsRoleName();
String principalName = secMetaData.getRunAsPrincipalName();
+
+ //Special Case: if RunAsPrincipal is not configured, then we use unauthenticatedIdentity
+ if(principalName == null)
+ principalName = applicationMetaData.getUnauthenticatedPrincipal();
// the run-as principal might have extra roles mapped in the assembly-descriptor
Set extraRoleNames = assemblyDescriptor.getSecurityRoleNamesByPrincipal(principalName);
More information about the jboss-cvs-commits
mailing list