[jboss-jira] [JBoss JIRA] (WFLY-8956) EJB3 subsystem default security domain is not propagated to secured EJBs without @SecurityDomain annotation if the default security domain is Elytron
Farah Juma (JIRA)
issues at jboss.org
Mon Jun 19 11:04:01 EDT 2017
[ https://issues.jboss.org/browse/WFLY-8956?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Farah Juma moved JBEAP-11647 to WFLY-8956:
------------------------------------------
Project: WildFly (was: JBoss Enterprise Application Platform)
Key: WFLY-8956 (was: JBEAP-11647)
Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1)
Component/s: EJB
Security
(was: EJB)
(was: Security)
Affects Version/s: (was: 7.1.0.DR19)
(was: 7.1.0.ER1)
Affects Testing: (was: Blocks Testing)
> EJB3 subsystem default security domain is not propagated to secured EJBs without @SecurityDomain annotation if the default security domain is Elytron
> -----------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: WFLY-8956
> URL: https://issues.jboss.org/browse/WFLY-8956
> Project: WildFly
> Issue Type: Bug
> Components: EJB, Security
> Reporter: Farah Juma
> Assignee: Farah Juma
> Priority: Critical
>
> Suppose a deployment with EJB with security related annotations (for example {{@RolesAllowed}}) but without a {{@SecurityDomain}} annotation. If the EAP running the deployment has attribute {{default-security-domain}} in {{/subsystem=ejb3}} defined, this will be used for any bean without security domain used in deployment. This works with PicketBox domains, however, if an Elytron security domain is defined as default, no such domain will be associated with the deployment.
> This also causes failure of {{org.jboss.as.test.integration.ejb.security.missingmethodpermission.*TestCase}} tests in integration/basic module in test suite.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list