Radoslav Husar created AS7-4310:
-----------------------------------
Summary: Re-review: EJB client should not have silet auth enabled by default
Key: AS7-4310
URL:
https://issues.jboss.org/browse/AS7-4310
Project: Application Server 7
Issue Type: Bug
Components: EJB, Security
Affects Versions: 7.1.1.Final
Reporter: Radoslav Husar
Assignee: Darran Lofthouse
Fix For: 7.1.2.Final
EJB client running on local node can bypass auth by using silet auth. This behaviour
should be reviewed whether to be disabled by default.
See comments
https://issues.jboss.org/browse/AS7-4309?focusedCommentId=12679945&pa...
https://issues.jboss.org/browse/AS7-4309?focusedCommentId=12679955&pa...
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see:
http://www.atlassian.com/software/jira