[jboss-cvs] JBossAS SVN: r103480 - branches/JBPAPP_5_0/server/src/main/org/jboss/ejb/plugins.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Fri Apr 2 11:27:22 EDT 2010
Author: mmoyses
Date: 2010-04-02 11:27:21 -0400 (Fri, 02 Apr 2010)
New Revision: 103480
Modified:
branches/JBPAPP_5_0/server/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java
Log:
Modified: branches/JBPAPP_5_0/server/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java
===================================================================
--- branches/JBPAPP_5_0/server/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java 2010-04-02 14:22:29 UTC (rev 103479)
+++ branches/JBPAPP_5_0/server/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java 2010-04-02 15:27:21 UTC (rev 103480)
@@ -361,11 +361,13 @@
isAuthorized = SecurityActions.authorize(authorizationHelper, ejbName, ejbMethod, mi.getPrincipal(),
mi.getType().toInterfaceString(), ejbCS, caller, callerRunAsIdentity, container.getJaccContextID(),
new SimpleRoleGroup(methodRoles));
-
- String msg = "Denied: caller with subject=" + caller + " and security context post-mapping roles="
- + SecurityActions.getRolesFromSecurityContext(currentSC) + ": ejbMethod=" + ejbMethod;
+
if (!isAuthorized)
+ {
+ String msg = "Denied: caller with subject=" + caller + " and security context post-mapping roles="
+ + SecurityActions.getRolesFromSecurityContext(currentSC) + ": ejbMethod=" + ejbMethod;
throw new SecurityException(msg);
+ }
}
private boolean shouldBypassSecurity(Invocation mi) throws Exception
More information about the jboss-cvs-commits
mailing list