[ 
https://issues.apache.org/jira/browse/GERONIMO-4738?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

viola.lu reopened GERONIMO-4738:
--------------------------------


After remove <assembly-descriptor>
        <security-role>
            <role-name>admin</role-name>
        </security-role>
        <method-permission>
            <role-name>admin</role-name>
            <method>
                <ejb-name>BeanBasic</ejb-name>
                <method-name>greetMe</method-name>
            </method>
            <method>
                <ejb-name>BeanBasicAllowGet</ejb-name>
                <method-name>greetMe</method-name>
            </method>
        </method-permission>
        <method-permission>
            <unchecked/>
            <method>
                <ejb-name>BeanHttps</ejb-name>
                <method-name>greetMe</method-name>
            </method>
            <method>
                <ejb-name>BeanHttpsAllowGet</ejb-name>
                <method-name>greetMe</method-name>
            </method>
        </method-permission>
    </assembly-descriptor>
from 
$source\testsuite\webservices-testsuite\jaxws-tests\jaxws-ejb-sec\src\main\filtered-resources\META-INF\ejb-jar.xml,
 

there is still errors, reopen it.

> ejb ws report authorization failures as 500 internal server error
> -----------------------------------------------------------------
>
>                 Key: GERONIMO-4738
>                 URL: https://issues.apache.org/jira/browse/GERONIMO-4738
>             Project: Geronimo
>          Issue Type: Bug
>      Security Level: public(Regular issues) 
>          Components: webservices
>    Affects Versions: 2.2
>            Reporter: David Jencks
>            Assignee: Delos Dai
>             Fix For: 2.2.1
>
>
> If you secure an ejb web service with ejb security constraints cxf reports 
> authorization failures as 500 internal server error and doesn't log much 
> useful.  Axis2 logs the auth failure and IIRC reports 401 or 403.
> I think this can be reproduced by removing the ejb-jar.xml security 
> constraints from   
> testsuite/webservices-testsuite/jaxws-tests/jaxws-ejb-sec/src/main/resources/META-INF/ejb-jar.xml

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to