[ https://issues.redhat.com/browse/WFLY-12794?page=com.atlassian.jira.plugi... ]
Farah Juma commented on WFLY-12794:
-----------------------------------
{{JaccInterceptor}} creates {{EJBMethodPermission}} instances as follows:
https://github.com/wildfly/wildfly/blob/master/ejb3/src/main/java/org/jbo...
Since no method params are provided above, when {{EJBMethodPermission#setMethodSpec}} gets
called by the {{EJBMethodPermission}} constructor, it determines the method params and
canonicalizes any array parameters.
{{EjbJaccConfigurator}} creates {{EJBMethodPermission}} instances as follows:
https://github.com/wildfly/wildfly/blob/master/ejb3/src/main/java/org/jbo...
Notice that method params are provided above via {{methodIdentifier.getParameterTypes()}}.
However, this is not correct since these params are not in the canonical form, as required
by the {{EJBMethodPermission}} constructor.
{{EjbJaccConfigurator}} should create {{EJBMethodPermission}} instances the same way
{{JaccInterceptor}} does to ensure that we canonicalize any array parameters.
The following PR fixes this:
https://github.com/wildfly/wildfly/pull/12855
Elytron/JACC: Inconsistent EjbMethodPermissions
-----------------------------------------------
Key: WFLY-12794
URL: https://issues.redhat.com/browse/WFLY-12794
Project: WildFly
Issue Type: Bug
Components: EJB, Security
Affects Versions: 18.0.0.Final
Reporter: Ulf Brosziewski
Assignee: Farah Juma
Priority: Critical
Attachments: quickstart-ejb-sec.diff
When JACC is enabled in an Elytron application domain, calling a secured EJB method that
has an array parameter causes an EjbAccessException.
The reason for the failure is that the EjbMethodPermissions created by the
EjbJaccConfigurator and the JaccInterceptor do not agree in the format of the type names
for method parameters. According to the JACC specification and API documentation, names
for array types should have the "canonical" form: component-type +
"[]". The permission objects built by the JaccInterceptor conform to that, but
the EjbJaccConfigurator builds them with type names obtained from a
"MethodIdentifier", and these names have the internal format as returned by
Class.getName().
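As an added illustration (not code from this ticket or from the WildFly PR), the standalone Java program below reproduces the parameter-name mismatch described in the comment and the report, and shows a canonicalization step that turns MethodIdentifier-style names (Class.getName() format) into the form EJBMethodPermission expects. It assumes the javax.security.jacc API used by WildFly 18 is on the classpath; OrderService, OrderBean and the canonicalize helper are constructed for the example.

```java
import java.lang.reflect.Method;
import javax.security.jacc.EJBMethodPermission;

public class JaccParamFormatDemo {
    // Hypothetical business interface standing in for the secured bean in the report.
    public interface OrderService {
        void process(String[] items, int[][] quantities);
    }

    private static final String PRIMITIVE_CODES = "ZBCSIJFD";
    private static final String[] PRIMITIVE_NAMES = { "boolean", "byte", "char", "short", "int", "long", "float", "double" };

    // Turns a Class.getName()-style name (what MethodIdentifier supplies, e.g.
    // "[Ljava.lang.String;" or "[[I") into the canonical form EJBMethodPermission
    // expects ("java.lang.String[]", "int[][]"). Non-array names pass through unchanged.
    static String canonicalize(String typeName) {
        int dims = 0;
        while (dims < typeName.length() && typeName.charAt(dims) == '[') dims++;
        if (dims == 0) return typeName;
        String rest = typeName.substring(dims);
        String base;
        if (rest.length() > 2 && rest.charAt(0) == 'L' && rest.endsWith(";")) {
            base = rest.substring(1, rest.length() - 1);   // reference element type
        } else if (rest.length() == 1 && PRIMITIVE_CODES.indexOf(rest.charAt(0)) >= 0) {
            base = PRIMITIVE_NAMES[PRIMITIVE_CODES.indexOf(rest.charAt(0))];
        } else {
            throw new IllegalArgumentException("unrecognised type name: " + typeName);
        }
        StringBuilder sb = new StringBuilder(base);
        for (int i = 0; i < dims; i++) sb.append("[]");
        return sb.toString();
    }

    public static void main(String[] args) throws Exception {
        Method m = OrderService.class.getMethod("process", String[].class, int[][].class);
        // JaccInterceptor style: the Method-based constructor canonicalises the params itself.
        EJBMethodPermission checkedAtCall = new EJBMethodPermission("OrderBean", null, m);
        // EjbJaccConfigurator style before the fix: raw Class.getName() parameter names.
        String[] raw = { String[].class.getName(), int[][].class.getName() };
        EJBMethodPermission configuredRaw = new EJBMethodPermission("OrderBean", "process", null, raw);
        // After the fix: canonicalise each parameter name before building the permission.
        String[] canon = new String[raw.length];
        for (int i = 0; i < raw.length; i++) canon[i] = canonicalize(raw[i]);
        EJBMethodPermission configuredCanon = new EJBMethodPermission("OrderBean", "process", null, canon);
        // implies() compares parameter names as plain strings, so only the canonical form matches.
        System.out.println("actions checked at call time: " + checkedAtCall.getActions());
        System.out.println("raw names grant access:       " + configuredRaw.implies(checkedAtCall));
        System.out.println("canonical names grant access: " + configuredCanon.implies(checkedAtCall));
    }
}
```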
--
This message was sent by Atlassian Jira
(v7.13.8#713008)