[
https://issues.apache.org/jira/browse/GERONIMO-6435?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13581116#comment-13581116
]
David Jencks commented on GERONIMO-6435:
----------------------------------------
The latest JACC spec I can find (1.4MR2) says this on p. 84:
A MethodInterfaceName is a non-empty String and should contain a method-intf
value as defined for use in EJB deployment descriptors. An implementation must
be flexible such that it supports additional interface names especially if they
are standardized by the EJB Specification. The EJB Specification currently
defines the following method-intf values:
{ "Home", "LocalHome", "Remote", "Local", "ServiceEndpoint" }
This suggests to me that the container is supposed to provide for additional
method interfaces (such as MessageEndpoint and Timer from ejb 3.1) by using the
extensibility property of the api, in this case by setting the
org.apache.security.jacc.EJBMethodPermission.methodInterfaces system property.
I think the intent of the jacc spec is that the api implementation not be
modified for additional method interfaces, but that the container use the
extensibility.
I don't see that Geronimo itself has done this.
> Invalid method interface: MessageEndpoint
> --------------------------------------------
>
> Key: GERONIMO-6435
> URL: https://issues.apache.org/jira/browse/GERONIMO-6435
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: javaee6
> Affects Versions: 3.0-beta-1
> Environment: EJB
> Reporter: Hiroko Takamiya
> Priority: Minor
> Labels: newbie
>
> Our customer is getting following error ("Invalid method interface:
> MessageEndpoint") when running their EJB 3.1 beans.
> --Error message---------
> [12/18/12 15:13:08:638 CET] 00000030 SecurityColla 3 Authorization
> failed accessing EJB java.lang.IllegalArgumentException:
> Invalid method interface: MessageEndpoint
> at
> javax.security.jacc.EJBMethodPermission$MethodSpec.checkMethodInterface(
> EJBMethodPermission.java:303)
> at
> javax.security.jacc.EJBMethodPermission$MethodSpec.<init>(EJBMethodPermi
> ssion.java:183)
> ....
> ----------------------
> Fortunately, interface list is extensible by adding property org.apache.
> security.jacc.EJBMethodPermission.methodInterfaces to JVM. And this
> solution works, although it is quite dirty.
> Looking at EJB 3.1 spec below, "MessageEndpoint" is newly added interface.
> http://download.oracle.com/otndocs/jcp/ejb-3.1-mrel-full-oth-JSpec/
> I have looked at apache geronimo download page but no luck finding the
> interface in the latest downloads.
> --- details on what I looked for --
> http://geronimo.apache.org/downloads.html
>
> ..and clicked on the latest release available
> "Apache Geronimo v3.0.0 - Released July 13, 2012"
> (http://geronimo.apache.org/apache-geronimo-v300-release.html)
> ..and downloaded "Certified Java EE 6 Full Profile Releases"
> ...and looked into following class
> geronimo-tomcat7-javaee6-3.0.0\repository\org\apache\
> geronimo\specs\geronimo-jacc_1.4_spec\1.0\javax\security\
> jacc\EJBMethodPermission.class
> -------
> Please kindly look at adding this one interface to the file.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
