[jboss-jira] [JBoss JIRA] Commented: (JBAS-7037) JBossAS 5.x fails to use EJB's security domain in jboss.xml when the call is from web container

Chris Imershein (JIRA) jira-events at lists.jboss.org
Mon Aug 24 14:52:24 EDT 2009 

    [ https://jira.jboss.org/jira/browse/JBAS-7037?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12482491#action_12482491 ] 

Chris Imershein commented on JBAS-7037:
---------------------------------------

Could this be related at all to #EJBTHREE-1756 ?

See also the notes on the linked JBoss Forum page from 1756:
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4216002

Possibly something with JBossWebRealm.authenticate, SubjectInfo, and CredentialIdentity?

Or these 2 bugs could be completely unrelated.

However, if 1756 could also be fixed in 5.0.2 (or at least put onto the road map), that would be appreciated. 

> JBossAS 5.x fails to use EJB's security domain in jboss.xml when the call is from web container
> -----------------------------------------------------------------------------------------------
>
>                 Key: JBAS-7037
>                 URL: https://jira.jboss.org/jira/browse/JBAS-7037
>             Project: JBoss Application Server
>          Issue Type: Bug
>      Security Level: Public(Everyone can see) 
>          Components: Security
>    Affects Versions: JBossAS-5.0.1.GA, JBossAS-5.1.0.GA
>         Environment: Problem found on Windows platform
>            Reporter: Calvin Lin
>            Assignee: Stefan Guilhen
>             Fix For: JBossAS-5.0.2.GA
>
>         Attachments: ConfigFiles-lib.zip, JBAS-jira-authenBug.zip
>
>
> A degredation from JBoss 4.0.x and 4.2.x to JBoss 5.0.1.GA and JBoss 5.1.0.GA.
> We noticed that the JAAS login in EJB container always picks up the Web app's security domain when the client login is originated from a web application client.  The security domain specified in EJB container's jboss.xml is always ignored in this situation.
> The detailed problem description is posted on JBoss forum:
> http://www.jboss.org/index.html?module=bb&op=viewtopic&t=156863

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list