Seth Miller created WFLY-3850: --------------------------------- Summary: NPE Deploying EJB @WebService without Security Domain Key: WFLY-3850 URL: https://issues.jboss.org/browse/WFLY-3850 Project: WildFly Issue Type: Bug Components: EJB, Web (JBoss Web) Affects Versions: 8.1.0.Final Reporter: Seth Miller Assignee: David Lloyd Disable EJB security interceptors by altering the standalone.xml ejb subsystem to remove the security domain, then deploy an .ear file with a @WebService within an EJB. The EAR will fail to deploy with the following: {code} Caused by: java.lang.NullPointerException at org.jboss.as.webservices.tomcat.AbstractSecurityMetaDataAccessorEJB.getSecurityDomain(AbstractSecurityMetaDataAccessorEJB.java:63) at org.jboss.as.webservices.tomcat.WebMetaDataCreator.createJBossWebAppDescriptor(WebMetaDataCreator.java:120) at org.jboss.as.webservices.tomcat.WebMetaDataCreator.create(WebMetaDataCreator.java:80) at org.jboss.as.webservices.tomcat.WebMetaDataCreatingDeploymentAspect.start(WebMetaDataCreatingDeploymentAspect.java:41) at org.jboss.as.webservices.deployers.AspectDeploymentProcessor.deploy(AspectDeploymentProcessor.java:75) at org.jboss.as.server.deployment.DeploymentUnitPhaseService.start(DeploymentUnitPhaseService.java:159) ... 5 more {code} Workaround: To keep security interceptors disabled on all other EJBs, annotate @WebService classes with a security domain: @SecurityDomain("other") via the pom.xml dependency: {code} <dependency> <groupId>org.jboss.ejb3</groupId> <artifactId>jboss-ejb3-ext-api</artifactId> <version>${version.org.jboss.ejb3.ext-api}</version> <scope>provided</scope> </dependency> {code} -- This message was sent by Atlassian JIRA (v6.3.1#6329)