[jboss-jira] [JBoss JIRA] Created: (JBAS-5960) EJB2: Lack of security domain in JBoss DD does not bypass security
Anil Saldhana (JIRA)
jira-events at lists.jboss.org
Sun Sep 14 13:09:31 EDT 2008
EJB2: Lack of security domain in JBoss DD does not bypass security
------------------------------------------------------------------
Key: JBAS-5960
URL: https://jira.jboss.org/jira/browse/JBAS-5960
Project: JBoss Application Server
Issue Type: Feature Request
Security Level: Public (Everyone can see)
Components: EJB2
Affects Versions: JBossAS-5.0.0.CR1
Reporter: Anil Saldhana
Assignee: Anil Saldhana
Fix For: JBossAS-5.0.0.GA
Currently, if there is no security domain defined for a deployment, we bypass security with a fat WARN message. But if there is presence of security meta data for the deployment (EJB2 method perms in ejb-jar.xml), there is an expectation of security enforcement. In this case, we need to default the security domain to "other".
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list