[jboss-jira] [JBoss JIRA] Updated: (EJBTHREE-755) JACC layer should generate unchecked permissions for methods with no security annotations
Anil Saldhana (JIRA)
jira-events at jboss.com
Mon Oct 23 13:12:41 EDT 2006
[ http://jira.jboss.com/jira/browse/EJBTHREE-755?page=all ]
Anil Saldhana updated EJBTHREE-755:
-----------------------------------
Component/s: Security
Fix Version/s: EJB 3.0 RC10 - FD
Affects Version/s: EJB 3.0 RC9 - FD
> JACC layer should generate unchecked permissions for methods with no security annotations
> -----------------------------------------------------------------------------------------
>
> Key: EJBTHREE-755
> URL: http://jira.jboss.com/jira/browse/EJBTHREE-755
> Project: EJB 3.0
> Issue Type: Bug
> Components: Security
> Affects Versions: EJB 3.0 RC9 - FD
> Reporter: Anil Saldhana
> Assigned To: Anil Saldhana
> Fix For: EJB 3.0 RC10 - FD
>
>
> Consider the following usecases:
> 1) There are @RolesAllowed annotations on multiple methods(set X). Some methods (set Y) do not have @RolesAllowed, @PermitAll, @DenyAll annotations. For these methods in set Y, unchecked permissions need to be created for the roles for the ejb3 app.
> 2) There is a @DeclareRoles annotation at the class level. Methods may define annotations (set x) as in usecase 1. For the methods with missing security annotations, create unchecked permissions.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list