[jboss-jira] [JBoss JIRA] Closed: (JBAS-69) EJB Timer Service broken when used with security domain

EJB Timer Service broken when used with security domain ------------------------------------------------------- Key: JBAS-69 URL: http://jira.jboss.com/jira/browse/JBAS-69 Project: JBoss Application Server Issue Type: Bug Security Level: Public(Everyone can see) Components: EJB2 Affects Versions: JBossAS-4.0.0 Final Reporter: Scott M Stark Assigned To: Scott M Stark Priority: Critical Fix For: JBossAS-4.0.1 Final Original Estimate: 2 hours Remaining Estimate: 2 hours When an EJB (an entity bean in my case) has a security domain associated with it, calls to the ejbTimeout method fail with a SecurityException (insufficient method permissions). It appears the principal is being hardcoded to null in the TimedObjectInvoker, causing the security check to fail in the SecurityInterceptor. I have tried setting the method permissions for ejbTimeout to unchecked, but these aren't picked up, possibly because ejbTimeout is not a member of the bean's local interface.