Radoslav Husar created AS7-4311: ----------------------------------- Summary: CLONE - Re-review: EJB client should not have silet auth enabled by default Key: AS7-4311 URL: https://issues.jboss.org/browse/AS7-4311 Project: Application Server 7 Issue Type: Bug Components: EJB, Security Affects Versions: 7.1.1.Final Reporter: Radoslav Husar Assignee: Darran Lofthouse Fix For: 7.1.2.Final EJB client running on local node can bypass auth by using silet auth. This behaviour should be reviewed whether to be disabled by default. See comments https://issues.jboss.org/browse/AS7-4309?focusedCommentId=12679945&pa... https://issues.jboss.org/browse/AS7-4309?focusedCommentId=12679955&pa... -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira