[jboss-jira] [JBoss JIRA] Updated: (JBAS-1493) IsCallerInRole with anonymous caller/run-as does not see run-as role
[ http://jira.jboss.com/jira/browse/JBAS-1493?page=all ]
Dimitris Andreadis updated JBAS-1493:
-------------------------------------
Fix Version/s: (was: JBossAS-3.2.8.SP2)
Unschedule 3.2.8.SP2 tasks, since we are not going to produce another release from that
branch.
IsCallerInRole with anonymous caller/run-as does not see run-as role
--------------------------------------------------------------------
Key: JBAS-1493
URL: http://jira.jboss.com/jira/browse/JBAS-1493
Project: JBoss Application Server
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: Security
Affects Versions: JBossAS-3.2.7 Final
Environment: EJBSpecUnitTestCase.testMDBDeepRunAs
Reporter: Scott M Stark
Assigned To: Scott M Stark
And MDB using a run-as role along a call path:
DeepRunAsMDB -> Level1MDBCallerBean.callEcho() ->
Level2CallerBean.invokeEcho() -> Level3CalleeBean.echo()
properly uses the run-as role for access to the ejbs, but we have a weaker notion in 3.2
vs 4.0 of how the run-as should show up in the isCallerInRole context call, and this test
validates that the run-as role is seen by isCallerInRole. The 3.2 implementation needs to
be updated to support this as well.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira