Author: jim.ma
Date: 2015-03-15 23:27:45 -0400 (Sun, 15 Mar 2015)
New Revision: 19565
Modified:
container/wildfly82/branches/jbossws-wildfly820/server-integration/src/main/java/org/jboss/as/webservices/deployers/WSIntegrationProcessorJAXWS_EJB.java
Log:
Backport fix [WFLY-2129][WFLY-3988]:Fix ejb method level annotation @PermitAll;Honors the
ejb method level security permission if there is no class level security permission
Modified:
container/wildfly82/branches/jbossws-wildfly820/server-integration/src/main/java/org/jboss/as/webservices/deployers/WSIntegrationProcessorJAXWS_EJB.java
===================================================================
---
container/wildfly82/branches/jbossws-wildfly820/server-integration/src/main/java/org/jboss/as/webservices/deployers/WSIntegrationProcessorJAXWS_EJB.java 2015-03-16
03:27:42 UTC (rev 19564)
+++
container/wildfly82/branches/jbossws-wildfly820/server-integration/src/main/java/org/jboss/as/webservices/deployers/WSIntegrationProcessorJAXWS_EJB.java 2015-03-16
03:27:45 UTC (rev 19565)
@@ -179,15 +179,21 @@
// process @PermitAll annotation
if (webServiceClassInfo.annotations().containsKey(PERMIT_ALL_ANNOTATION)) {
- final AnnotationInstance permitAll =
webServiceClassInfo.annotations().get(PERMIT_ALL_ANNOTATION).iterator().next();
- if (permitAll.target().equals(webServiceClassInfo)) {
- securityRoles.add("*");
+ for (AnnotationInstance permitAll :
webServiceClassInfo.annotations().get(PERMIT_ALL_ANNOTATION)) {
+ if (permitAll.target().equals(webServiceClassInfo)) {
+ securityRoles.add("*");
+ break;
+ }
}
}
-
- return (securityRoles.size() > 0) ? Collections.unmodifiableSet(securityRoles)
: Collections.<String>emptySet();
+ //if there is no class level security annotation, it will delegate to ejb's
security check
+ if (securityRoles.isEmpty()) {
+ securityRoles.add("*");
+ }
+ return Collections.unmodifiableSet(securityRoles);
}
+
private static final class WebContextAnnotationWrapper {
private final String authMethod;
private final String transportGuarantee;