[
https://issues.apache.org/jira/browse/GERONIMO-4738?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
viola.lu reopened GERONIMO-4738:
--------------------------------
After remove <assembly-descriptor>
<security-role>
<role-name>admin</role-name>
</security-role>
<method-permission>
<role-name>admin</role-name>
<method>
<ejb-name>BeanBasic</ejb-name>
<method-name>greetMe</method-name>
</method>
<method>
<ejb-name>BeanBasicAllowGet</ejb-name>
<method-name>greetMe</method-name>
</method>
</method-permission>
<method-permission>
<unchecked/>
<method>
<ejb-name>BeanHttps</ejb-name>
<method-name>greetMe</method-name>
</method>
<method>
<ejb-name>BeanHttpsAllowGet</ejb-name>
<method-name>greetMe</method-name>
</method>
</method-permission>
</assembly-descriptor>
from
$source\testsuite\webservices-testsuite\jaxws-tests\jaxws-ejb-sec\src\main\filtered-resources\META-INF\ejb-jar.xml,
there is still errors, reopen it.
> ejb ws report authorization failures as 500 internal server error
> -----------------------------------------------------------------
>
> Key: GERONIMO-4738
> URL: https://issues.apache.org/jira/browse/GERONIMO-4738
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: webservices
> Affects Versions: 2.2
> Reporter: David Jencks
> Assignee: Delos Dai
> Fix For: 2.2.1
>
>
> If you secure an ejb web service with ejb security constraints cxf reports
> authorization failures as 500 internal server error and doesn't log much
> useful. Axis2 logs the auth failure and IIRC reports 401 or 403.
> I think this can be reproduced by removing the ejb-jar.xml security
> constraints from
> testsuite/webservices-testsuite/jaxws-tests/jaxws-ejb-sec/src/main/resources/META-INF/ejb-jar.xml
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.