[jboss-jira] [JBoss JIRA] (AS7-2993) Wrong exception RollesAllowed constraint is not fulfilled

jaikiran pai (JIRA) jira-events at lists.jboss.org
Mon Feb 6 04:04:01 EST 2012 

     [ https://issues.jboss.org/browse/AS7-2993?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

jaikiran pai resolved AS7-2993.
-------------------------------

    Fix Version/s:     (was: 7.1.0.Final)
       Resolution: Rejected

    
> Wrong exception RollesAllowed constraint is not fulfilled
> ---------------------------------------------------------
>
>                 Key: AS7-2993
>                 URL: https://issues.jboss.org/browse/AS7-2993
>             Project: Application Server 7
>          Issue Type: Bug
>          Components: EJB
>    Affects Versions: 7.1.0.Beta1b
>         Environment: If you have a SB with a method annotated with RollesAllowed({a,b,c}) and a SFSB which injects this bean. We also have client tries to access a method which calls a restricted method on injected bean. This client does not possess a security role specified in RolesAllowed , so the call should be rejected with EJBAccessException. However, what I get is NoSuchEjbException.
> Notes:
> - this doesn't happen if there is only one security role in RollesAllowed
> - this doesn't happen if the bean is injected to SLSB 
> - the NoSuchElement exception is thrown by org.jboss.as.ejb3.component.stateful.StatefulComponentInstanceInterceptor:66 snipplet follows:
> ROOT_LOGGER.debug("Looking for stateful component instance with session id: " + sessionId);
>         StatefulSessionComponentInstance instance = component.getCache().get(sessionId);
>         if (instance == null) {
>             //This exception will be transformed into the correct exception type by the exception transforming interceptor
>             throw new NoSuchEJBException("Could not find SFSB " + component.getComponentName() + " with " + sessionId);
>         }
> - I'll provide a reproducer for this, it' ll be available in my git repo (https://github.com/jlanik/jboss-as), branch EJBSecurity
> classes: InjectionAnnSFSBtoSFSBTestCase, InjectionAnnSLSBtoSFSBTestCase
> you can also look at InjectionAnnSFSBtoSLSBTestCase InjectionAnnSLSBtoSLSBTestCase (which work ok)
> I'll create a pull request with this and some other tests, so hopefully, It'll be accessible in the main jboss-as repo soon. 
>            Reporter: Jan Lanik
>            Assignee: jaikiran pai
>


--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list