-
1. Re: Unauthenticated Identity for ejb timers
starksm64 Apr 19, 2007 5:36 PM (in response to anil.saldhana)The SecurityDeployer should have the server default. We also need to start integrating the metadata repository api to allow for the SecurityDeployer to pickup a default from a higher level. The unified metadata and repository integration is something I'll start on next week.
-
2. Re: Unauthenticated Identity for ejb timers
anil.saldhana Apr 19, 2007 5:43 PM (in response to anil.saldhana)Ok. For now, I will just bask in the following glory that had eluded our test suite for sometime, wrt timers.
asaldhana~/jboss-5.0/jboss-head/testsuite> ant -Dtest=org.jboss.test.timer.test .SecureTimerUnitTestCase one-test Buildfile: build.xml Overriding previous definition of reference to jboss.test.classpath one-test: [junit] Running org.jboss.test.timer.test.SecureTimerUnitTestCase [junit] Tests run: 5, Failures: 0, Errors: 0, Time elapsed: 59.406 sec BUILD SUCCESSFUL Total time: 1 minute 2 seconds
Is anybody looking at the messaging stuff in trunk test suite? -
3. Re: Unauthenticated Identity for ejb timers
wolfc May 24, 2007 4:46 AM (in response to anil.saldhana)Will we keep the function as specified in http://docs.jboss.org/jbossas/jboss4guide/r5/html/ch8.chapter.html#ch8.declarativesecurity2.sect where I can just put in an unauthenticated principal in the deployment?
See also http://jira.jboss.com/jira/browse/EJBTHREE-973
Another question then is what if the caller supplies a principal, but there is no realm to validate against? I say a warning at least. -
4. Re: Unauthenticated Identity for ejb timers
anil.saldhana Oct 31, 2007 2:39 PM (in response to anil.saldhana)Scott, there is a null for the unauthenticatedprincipal from the application meta data.
http://jira.jboss.com/jira/browse/JBAS-4923
There is a pending issue for the unauthIdentity to be placed in the SecurityDeployer as per JIRA - -
5. Re: Unauthenticated Identity for ejb timers
anil.saldhana Oct 31, 2007 2:39 PM (in response to anil.saldhana)Scott, there is a null for the unauthenticatedprincipal from the application meta data.
http://jira.jboss.com/jira/browse/JBAS-4923
There is a pending issue for the unauthIdentity to be placed in the SecurityDeployer as per JIRA -
http://jira.jboss.com/jira/browse/JBAS-4369 -
6. Re: Unauthenticated Identity for ejb timers
starksm64 Oct 31, 2007 4:48 PM (in response to anil.saldhana)The old metadata was doing a jmx call to the security manager to pickup a DefaultUnauthenticatedPrincipal setting. This needs to be moved into the parsing deployer layer.