[jboss-jira] [JBoss JIRA] (WFLY-4474) Container-provided security role "*" (EJB 3.2) not working
Jan Martiska (JIRA)
issues at jboss.org
Tue Mar 31 05:42:18 EDT 2015
Jan Martiska created WFLY-4474:
----------------------------------
Summary: Container-provided security role "*" (EJB 3.2) not working
Key: WFLY-4474
URL: https://issues.jboss.org/browse/WFLY-4474
Project: WildFly
Issue Type: Bug
Affects Versions: 9.0.0.Beta1
Reporter: Jan Martiska
Assignee: Stuart Douglas
EJB 3.2 12.3.1 Security Roles:
{quote}
A security role with the name “**” is defined by the Container, and is intended to be used by the Bean
Provider, Application Assembler, or Deployer to indicate that the caller must log on or authenticate to
invoke a method or to perform some processing requiring membership in this container role. This con-
tainer security role indicates that authentication, without consideration of role membership, is required.
{quote}
This doesn't seem to work in WildFly 9.0.0.Beta1. An authenticated user trying to invoke methods annotated @PermitAll("*") gets an EJBAccessException.
I started preparing tests for this behavior at https://github.com/jmartisk/wildfly/commits/master-ejb32tests-starrole
It causes failures in:
InherritanceAnnSFSBTestCase.testSingleMethodAnnotationsUser1
InherritanceAnnSLSBTestCase.testSingleMethodAnnotationsUser1
InjectionAnnSFSBtoSFSBTestCase.testSingleMethodAnnotationsUser1
InjectionAnnSFSBtoSLSBTestCase.testSingleMethodAnnotationsUser1
InjectionAnnSLSBtoSFSBTestCase.testSingleMethodAnnotationsUser1
InjectionAnnSLSBtoSLSBTestCase.testSingleMethodAnnotationsUser1
SingleMethodsAnnSFSBTestCase.testSingleMethodAnnotationsUser1
SingleMethodsAnnSLSBTestCase.testSingleMethodAnnotationsUser1
--
This message was sent by Atlassian JIRA
(v6.3.11#6341)
More information about the jboss-jira
mailing list