]
Seth Miller commented on WFLY-3850:
-----------------------------------
Fixed with merge in 9.0.0.Alpha.
NPE Deploying EJB @WebService without Security Domain
-----------------------------------------------------
Key: WFLY-3850
URL:
https://issues.jboss.org/browse/WFLY-3850
Project: WildFly
Issue Type: Bug
Components: EJB, Web (JBoss Web)
Affects Versions: 8.1.0.Final
Reporter: Seth Miller
Assignee: David Lloyd
Disable EJB security interceptors by altering the standalone.xml ejb subsystem to remove
the security domain, then deploy an .ear file with a @WebService within an EJB. The EAR
will fail to deploy with the following:
{code}
Caused by: java.lang.NullPointerException
at
org.jboss.as.webservices.tomcat.AbstractSecurityMetaDataAccessorEJB.getSecurityDomain(AbstractSecurityMetaDataAccessorEJB.java:63)
at
org.jboss.as.webservices.tomcat.WebMetaDataCreator.createJBossWebAppDescriptor(WebMetaDataCreator.java:120)
at
org.jboss.as.webservices.tomcat.WebMetaDataCreator.create(WebMetaDataCreator.java:80)
at
org.jboss.as.webservices.tomcat.WebMetaDataCreatingDeploymentAspect.start(WebMetaDataCreatingDeploymentAspect.java:41)
at
org.jboss.as.webservices.deployers.AspectDeploymentProcessor.deploy(AspectDeploymentProcessor.java:75)
at
org.jboss.as.server.deployment.DeploymentUnitPhaseService.start(DeploymentUnitPhaseService.java:159)
... 5 more
{code}
Workaround:
To keep security interceptors disabled on all other EJBs, annotate @WebService classes
with a security domain: @SecurityDomain("other") via the pom.xml dependency:
{code}
<dependency>
<groupId>org.jboss.ejb3</groupId>
<artifactId>jboss-ejb3-ext-api</artifactId>
<version>${version.org.jboss.ejb3.ext-api}</version>
<scope>provided</scope>
</dependency>
{code}