[jboss-dev-forums] [Design of Security on JBoss] - Re: Invalid Issue: SECURITY-340
anil.saldhana@jboss.com
do-not-reply at jboss.com
Thu Dec 11 14:23:27 EST 2008
"scott.stark at jboss.org" wrote : I don't see where the Ejb3AuthenticationInterceptorv2 is being configured in a AS deployment, so I don't see how that can be addressed as a JBAS issue. I guess its this AuthenticationInterceptorFactory in ejb3-interceptors-aop.xml that is creating the interceptor:
|
|
| | <interceptor factory="org.jboss.ejb3.security.AuthenticationInterceptorFactory" scope="PER_CLASS"/>
| |
|
| but then that needs to be updated to allow for injection, or more likely the stack of interceptors needs to be created directly as beans. What's the state of the -aop.xml supporting fully configured stack of beans rather than using this older factory based creation?
|
I do not think the injection mechanism exists yet. The JIRA issue that I created was primarily to get something along those lines started.
We really need to be able to create ejb container in the AS to allow direct injection. Currently the ejb2 deployer based approach to creating containers is also not modern.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4196047#4196047
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4196047
More information about the jboss-dev-forums
mailing list