[jboss-jira] [JBoss JIRA] Resolved: (EJBTHREE-1642) The <security-domain> tag included in <container-configuration> in the jboss.xml file is ignored

Carlo de Wolf (JIRA) jira-events at lists.jboss.org
Wed Dec 17 08:36:54 EST 2008 

     [ https://jira.jboss.org/jira/browse/EJBTHREE-1642?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Carlo de Wolf resolved EJBTHREE-1642.
-------------------------------------

    Resolution: Rejected
      Assignee: Carlo de Wolf


container-configuration is not supported in EJB 3 deployments, you should use the following layout:

<?xml version="1.0" encoding="UTF-8"?>
<jboss
        xmlns="http://www.jboss.com/xml/ns/javaee"
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xsi:schemaLocation="http://www.jboss.com/xml/ns/javaee
                            http://www.jboss.org/j2ee/schema/jboss_5_0.xsd"
        version="3.0">
   <security-domain>java:/jaas/other</security-domain>
   <unauthenticated-principal>somebody</unauthenticated-principal>
</jboss>

> The <security-domain> tag included in <container-configuration> in the jboss.xml file is ignored
> ------------------------------------------------------------------------------------------------
>
>                 Key: EJBTHREE-1642
>                 URL: https://jira.jboss.org/jira/browse/EJBTHREE-1642
>             Project: EJB 3.0
>          Issue Type: Bug
>          Components: Security
>    Affects Versions: 1.0.0-Beta11
>         Environment: Windows XP
> JDK 1.6.build10
> JBOSS 5.0.0.GA
>            Reporter: John Gonon
>            Assignee: Carlo de Wolf
>            Priority: Minor
>
> The <security-domain> tag included in <container-configuration> in the jboss.xml file is ignored.
> I have tracked were the problem seems to be (at least as I saw it).
> In the class "org.jboss.ejb3.security.bridge.SecurityDomainMetaDataBridge" there are those lines:
>          //TODO: How to get the merged meta data? Is the following line correct? 
>          if(securityDomain == null)
>         	 securityDomain = beanMetaData.getJBossMetaData().getSecurityDomain();
> I replaced them with:
>             if (securityDomain == null) {
>                 JBossMetaData metaData = beanMetaData.getJBossMetaData();
>                 securityDomain = metaData.getContainerConfiguration(beanMetaData.determineConfigurationName())
>                         .getSecurityDomain();
>                 if (securityDomain == null)
>                     securityDomain = metaData.getSecurityDomain();
>             }
> As I understand it, if no "SecurityDomain" annotation is found, then we finish in this class and we do in order:
> 1. seek for a security domain in the bean's metadata (I guess it is in the EJB declaration)
> 2. seek for the one in "jboss-app.xml"
> I inserted between them some code returning the one comming from the container's configuration
> I hope this helps ...
> Best regards,
> Please keep me informed,
> I hope to remove my "modified" jar with an official one soon.
> John

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list