service endpoint "all" permissions are computed from the local home, not the service endpoint interface -------------------------------------------------------------------------------------------------------
Key: GERONIMO-3181 URL: https://issues.apache.org/jira/browse/GERONIMO-3181 Project: Geronimo Issue Type: Bug Security Level: public (Regular issues) Components: security, webservices Affects Versions: 2.0-M6 Reporter: David Jencks Assigned To: David Jencks Fix For: 2.0-M6 securityBuilder.addToPermissions(permissions, remoteBean.getEjbName(), EjbInterface.SERVICE_ENDPOINT.getJaccInterfaceName(), remoteBean.getLocalHome(), ejbModule.getClassLoader()); should be if (remoteBean instanceof SessionBean) { securityBuilder.addToPermissions(permissions, remoteBean.getEjbName(), EjbInterface.SERVICE_ENDPOINT.getJaccInterfaceName(), ((SessionBean)remoteBean).getServiceEndpoint(), ejbModule.getClassLoader()); } -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.