[
https://issues.jboss.org/browse/EJBTHREE-2255?page=com.atlassian.jira.plu...
]
Richard Kennard commented on EJBTHREE-2255:
-------------------------------------------
Jaikiran,
Thanks for your response!
I tried that and it didn't work? I'm fairly sure if you remove the @SecurityDomain
it just means 'this class says nothing about whether the EJB is in/not in any
security-domain'.
Richard.
@SecurityDomain has no equivalent for <security-domain/>
--------------------------------------------------------
Key: EJBTHREE-2255
URL:
https://issues.jboss.org/browse/EJBTHREE-2255
Project: EJB 3.0
Issue Type: Bug
Environment: JBoss 6.0.0.Final
Reporter: Richard Kennard
Attachments: SecurityDomainTest.zip
Test case attached.
We have found it useful to turn off the security-domain for certain EJBs so that they can
be accessed from unauthenticated clients. We can do this in jboss.xml using
<security-domain /> but not, it seems, from an EJB using the @SessionDomain
annotation.
A @SessionDomain( "" ) is simply ignored.
We're not a big fan of hard-coding security domain names inside EJBs, but it seems
fine to be able to say 'this EJB has no security domain at all'. Should the
annotation work for this?
--
This message is automatically generated by JIRA.
For more information on JIRA, see:
http://www.atlassian.com/software/jira