[jboss-jira] [JBoss JIRA] (WFLY-4474) Container-provided security role "*" (EJB 3.2) not working
Jan Martiska (JIRA)
issues at jboss.org
Tue Mar 31 05:46:19 EDT 2015
[ https://issues.jboss.org/browse/WFLY-4474?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jan Martiska updated WFLY-4474:
-------------------------------
Description:
EJB 3.2 12.3.1 Security Roles:
{quote}
A security role with the name “**” is defined by the Container, and is intended to be used by the Bean
Provider, Application Assembler, or Deployer to indicate that the caller must log on or authenticate to
invoke a method or to perform some processing requiring membership in this container role. This container
security role indicates that authentication, without consideration of role membership, is required.
{quote}
This doesn't seem to work in WildFly 9.0.0.Beta1. An authenticated user trying to invoke methods annotated @PermitAll("**") gets an EJBAccessException.
I started preparing tests for this behavior at https://github.com/jmartisk/wildfly/commits/master-ejb32tests-starrole
It causes failures in:
InherritanceAnnSFSBTestCase.testSingleMethodAnnotationsUser1
InherritanceAnnSLSBTestCase.testSingleMethodAnnotationsUser1
InjectionAnnSFSBtoSFSBTestCase.testSingleMethodAnnotationsUser1
InjectionAnnSFSBtoSLSBTestCase.testSingleMethodAnnotationsUser1
InjectionAnnSLSBtoSFSBTestCase.testSingleMethodAnnotationsUser1
InjectionAnnSLSBtoSLSBTestCase.testSingleMethodAnnotationsUser1
SingleMethodsAnnSFSBTestCase.testSingleMethodAnnotationsUser1
SingleMethodsAnnSLSBTestCase.testSingleMethodAnnotationsUser1
was:
EJB 3.2 12.3.1 Security Roles:
{quote}
A security role with the name “**” is defined by the Container, and is intended to be used by the Bean
Provider, Application Assembler, or Deployer to indicate that the caller must log on or authenticate to
invoke a method or to perform some processing requiring membership in this container role. This container
security role indicates that authentication, without consideration of role membership, is required.
{quote}
This doesn't seem to work in WildFly 9.0.0.Beta1. An authenticated user trying to invoke methods annotated @PermitAll("*") gets an EJBAccessException.
I started preparing tests for this behavior at https://github.com/jmartisk/wildfly/commits/master-ejb32tests-starrole
It causes failures in:
InherritanceAnnSFSBTestCase.testSingleMethodAnnotationsUser1
InherritanceAnnSLSBTestCase.testSingleMethodAnnotationsUser1
InjectionAnnSFSBtoSFSBTestCase.testSingleMethodAnnotationsUser1
InjectionAnnSFSBtoSLSBTestCase.testSingleMethodAnnotationsUser1
InjectionAnnSLSBtoSFSBTestCase.testSingleMethodAnnotationsUser1
InjectionAnnSLSBtoSLSBTestCase.testSingleMethodAnnotationsUser1
SingleMethodsAnnSFSBTestCase.testSingleMethodAnnotationsUser1
SingleMethodsAnnSLSBTestCase.testSingleMethodAnnotationsUser1
> Container-provided security role "*" (EJB 3.2) not working
> ----------------------------------------------------------
>
> Key: WFLY-4474
> URL: https://issues.jboss.org/browse/WFLY-4474
> Project: WildFly
> Issue Type: Bug
> Affects Versions: 9.0.0.Beta1
> Reporter: Jan Martiska
> Assignee: Stuart Douglas
>
> EJB 3.2 12.3.1 Security Roles:
> {quote}
> A security role with the name “**” is defined by the Container, and is intended to be used by the Bean
> Provider, Application Assembler, or Deployer to indicate that the caller must log on or authenticate to
> invoke a method or to perform some processing requiring membership in this container role. This container
> security role indicates that authentication, without consideration of role membership, is required.
> {quote}
> This doesn't seem to work in WildFly 9.0.0.Beta1. An authenticated user trying to invoke methods annotated @PermitAll("**") gets an EJBAccessException.
> I started preparing tests for this behavior at https://github.com/jmartisk/wildfly/commits/master-ejb32tests-starrole
> It causes failures in:
> InherritanceAnnSFSBTestCase.testSingleMethodAnnotationsUser1
> InherritanceAnnSLSBTestCase.testSingleMethodAnnotationsUser1
> InjectionAnnSFSBtoSFSBTestCase.testSingleMethodAnnotationsUser1
> InjectionAnnSFSBtoSLSBTestCase.testSingleMethodAnnotationsUser1
> InjectionAnnSLSBtoSFSBTestCase.testSingleMethodAnnotationsUser1
> InjectionAnnSLSBtoSLSBTestCase.testSingleMethodAnnotationsUser1
> SingleMethodsAnnSFSBTestCase.testSingleMethodAnnotationsUser1
> SingleMethodsAnnSLSBTestCase.testSingleMethodAnnotationsUser1
--
This message was sent by Atlassian JIRA
(v6.3.11#6341)
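
A minimal model of the role check that the quoted EJB 3.2 section 12.3.1 text describes, added here as an example; it is not part of the original message and not WildFly code. The `Caller` record, both method names, the sample users and the literal-matching variant are hypothetical (the page does not state the cause of the failure), and the code assumes Java 16 or later.

```java
import java.util.Set;

/** Model of the EJB 3.2 section 12.3.1 "**" role semantics; not WildFly code. */
public class StarRoleCheck {
    // Container-defined role name from the spec quote.
    static final String ANY_AUTHENTICATED = "**";

    /** Hypothetical caller model: a null principal means unauthenticated. */
    record Caller(String principal, Set<String> roles) {
        boolean authenticated() { return principal != null; }
    }

    /** Spec behaviour: "**" requires authentication only, ignoring role membership. */
    static boolean isAllowed(Caller caller, Set<String> methodRoles) {
        if (methodRoles.contains(ANY_AUTHENTICATED) && caller.authenticated()) {
            return true;
        }
        return caller.roles().stream().anyMatch(methodRoles::contains);
    }

    /** Hypothetical literal matching: "**" is compared like any other role name. */
    static boolean isAllowedLiteral(Caller caller, Set<String> methodRoles) {
        return caller.roles().stream().anyMatch(methodRoles::contains);
    }

    public static void main(String[] args) {
        Set<String> methodRoles = Set.of(ANY_AUTHENTICATED);
        // Constructed sample callers, not taken from the WildFly test suite.
        Caller[] callers = {
            new Caller("user1", Set.of("Users")), // authenticated, unrelated role
            new Caller("user2", Set.of()),        // authenticated, no roles at all
            new Caller(null, Set.of())            // unauthenticated
        };
        for (Caller c : callers) {
            System.out.printf("%-6s spec=%-5b literal=%b%n",
                    c.principal(), isAllowed(c, methodRoles),
                    isAllowedLiteral(c, methodRoles));
        }
    }
}
```

Under the spec behaviour both authenticated callers are admitted and the unauthenticated one is rejected; the literal variant rejects all three, which is the kind of denial an authenticated user would see as an EJBAccessException.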