[jbossws-dev] [Design of JBoss Web Services] - Removing JACC Permissions Hack
richard.opalka@jboss.com
do-not-reply at jboss.com
Thu Aug 20 06:25:23 EDT 2009
This is related to: JBAS-5935
I'm trying to remove JACC permissions hack in JBossWS AS integration code base and I have two issues with that:
ad1) When I'll comment out WSJACCPermissionsDeploymentAspect DA from
jboss-5.2.0.Beta/server/all/deployers/jbossws.deployer/META-INF/stack-agnostic-jboss-beans.xml and I'll start AS:
[/home/opalka][/opt/svn/jbossas/branches/Branch_5_x/build/output/jboss-5.2.0.Beta/bin]>./run.sh -c all
and finally I'll run the test
[/home/opalka][/opt/svn/jbossas/branches/Branch_5_x/testsuite]>./build.sh one-test -Dtest=org.jboss.test.webservice.jbws309.JBWS309TestCase
I'd expect this test to fail, but it isn't. What is going on wrong with it? In that usecase JACC permissions shouln't be generated at all and test should fail, at least from what I read in associated JIRA JBAS-4644
ad2) I don't know how to fix that issue properly? Can I move WarSecurityDeployer from POST_CLASSLOADER deployers map to REAL_CLASSLOADERS map, or it have to stay in POST_CLASSLOADER map to prevent potential security attacks?
Associated JBossWS deployers that generate web meta data cannot be moved from REAL to POST_CLASSLOADER stage because of dependency on EJB3 REAL deployers.
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4250574#4250574
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4250574
More information about the jbossws-dev
mailing list