[jboss-dev-forums] [Design of Security on JBoss] - Re: Invalid Issue: SECURITY-340
scott.stark@jboss.org
do-not-reply at jboss.com
Thu Dec 11 14:19:46 EST 2008
I don't see where the Ejb3AuthenticationInterceptorv2 is being configured in a AS deployment, so I don't see how that can be addressed as a JBAS issue. I guess its this AuthenticationInterceptorFactory in ejb3-interceptors-aop.xml that is creating the interceptor:
| <interceptor factory="org.jboss.ejb3.security.AuthenticationInterceptorFactory" scope="PER_CLASS"/>
|
but then that needs to be updated to allow for injection, or more likely the stack of interceptors needs to be created directly as beans. What's the state of the -aop.xml supporting fully configured stack of beans rather than using this older factory based creation?
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4196044#4196044
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4196044
More information about the jboss-dev-forums
mailing list