[jboss-cvs] JBossAS SVN: r103481 - trunk/server/src/main/java/org/jboss/ejb/plugins.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Fri Apr 2 11:35:34 EDT 2010
Author: mmoyses
Date: 2010-04-02 11:35:34 -0400 (Fri, 02 Apr 2010)
New Revision: 103481
Modified:
trunk/server/src/main/java/org/jboss/ejb/plugins/SecurityInterceptor.java
Log:
Modified: trunk/server/src/main/java/org/jboss/ejb/plugins/SecurityInterceptor.java
===================================================================
--- trunk/server/src/main/java/org/jboss/ejb/plugins/SecurityInterceptor.java 2010-04-02 15:27:21 UTC (rev 103480)
+++ trunk/server/src/main/java/org/jboss/ejb/plugins/SecurityInterceptor.java 2010-04-02 15:35:34 UTC (rev 103481)
@@ -361,11 +361,13 @@
isAuthorized = SecurityActions.authorize(authorizationHelper, ejbName, ejbMethod, mi.getPrincipal(),
mi.getType().toInterfaceString(), ejbCS, caller, callerRunAsIdentity, container.getJaccContextID(),
new SimpleRoleGroup(methodRoles));
-
- String msg = "Denied: caller with subject=" + caller + " and security context post-mapping roles="
- + SecurityActions.getRolesFromSecurityContext(currentSC) + ": ejbMethod=" + ejbMethod;
+
if (!isAuthorized)
+ {
+ String msg = "Denied: caller with subject=" + caller + " and security context post-mapping roles="
+ + SecurityActions.getRolesFromSecurityContext(currentSC) + ": ejbMethod=" + ejbMethod;
throw new SecurityException(msg);
+ }
}
private boolean shouldBypassSecurity(Invocation mi) throws Exception
More information about the jboss-cvs-commits
mailing list