]
Anil Saldhana closed JBAS-5014.
-------------------------------
Resolution: Done
Trunk: Revision: Committed revision 67545
Branch_4_2: Committed revision 67546
EJBMethodPermission implies should check for null methodname and
methodSig==""
------------------------------------------------------------------------------
Key: JBAS-5014
URL:
http://jira.jboss.com/jira/browse/JBAS-5014
Project: JBoss Application Server
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: Security
Affects Versions: JBossAS-5.0.0.Beta2, JBossAS-4.2.2.GA
Reporter: Anil Saldhana
Assigned To: Anil Saldhana
Fix For: JBossAS-5.0.0.Beta3, JBossAS-4.2.3.GA
Consider the following test:
==============
/**
* Test a Method Permission for all methods of an EJB
*/
public void testAllStarEJBMethodPermission()
{
EJBMethodPermission policyPerm = new EJBMethodPermission("ejbName",
null, null, new String[0]);
EJBMethodPermission userPerm = new EJBMethodPermission("ejbName",
"create", dummyInterface.class.getMethods()[0]);
EJBMethodPermission userPerm2 = new EJBMethodPermission("ejbName",
"a", "LocalHome", new String[]{"java.lang.String"});
assertTrue(policyPerm.implies(userPerm));
assertTrue(policyPerm.implies(userPerm2));
}
========================================
The check for userPerm2 fails.
The permission in the Policy should check for "null" methodName (which implies
"*") and also for the methodSignature to be "" (or String[0])
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: