]
jaikiran pai commented on EJBTHREE-2255:
----------------------------------------
If you just remove the @SecurityDomain, that should mean that the security is disabled.
@SecurityDomain has no equivalent for <security-domain/>
--------------------------------------------------------
Key: EJBTHREE-2255
URL:
https://issues.jboss.org/browse/EJBTHREE-2255
Project: EJB 3.0
Issue Type: Bug
Environment: JBoss 6.0.0.Final
Reporter: Richard Kennard
Attachments: SecurityDomainTest.zip
Test case attached.
We have found it useful to turn off the security-domain for certain EJBs so that they can
be accessed from unauthenticated clients. We can do this in jboss.xml using
<security-domain /> but not, it seems, from an EJB using the @SessionDomain
annotation.
A @SessionDomain( "" ) is simply ignored.
We're not a big fan of hard-coding security domain names inside EJBs, but it seems
fine to be able to say 'this EJB has no security domain at all'. Should the
annotation work for this?
--
This message is automatically generated by JIRA.
For more information on JIRA, see: