I figured out the problem, my bean was calling another bean that didn't have
method permissions, my mistake, the software is working great.
I should never send messages to the dev-list after 10:30 pm.
Tim
On Friday 07 February 2003 12:24 am, Scott M Stark wrote:
> Post a bug with an example attached to sourceforge as it is not clear
> what you are describing here.
>
> xxxxxxxxxxxxxxxxxxxxxxxx
> Scott Stark
> Chief Technology Officer
> JBoss Group, LLC
> xxxxxxxxxxxxxxxxxxxxxxxx
>
> ----- Original Message -----
> From: "Timothy Barreto" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Thursday, February 06, 2003 10:37 PM
> Subject: [JBoss-dev] unchecked permission bug
>
>
> Hi dev-list,
>
> I've been working on this simple ejb that is called from an web container
> unauthenticated. The method I'm calling has an <unchecked/> in its
> method-permissions element in the assembly-descriptor. After some debug I
> found that BeanMetaData getMethodPermissions() returned null when
> called from the SecurityInterceptor. This causes the familiar error:
>
> "No method permissions assigned to method="+method
> + ", interface="+Invocation.getInvocationTypeName(iface);
>
> I then began to inspect the code and found the AnbodyPrincipal class does
> not obey the equals contract. In the following section of code, at least
> on my vm, the calls:
>
> result.clear();
> result.add(AnybodyPrincipal.ANYBODY_PRINCIPAL);
> break;
>
> causes the call result.isEmpty() to return true. This appears to be a bug,
> am I missing something?
>
> while (iterator.hasNext())
> {
> MethodMetaData m = (MethodMetaData) iterator.next();
> if (m.patternMatches(methodName, params, iface))
> {
> /* If this is an unchecked method anyone can access it so
> set the result set to a role that equates to any Principal
> or Principal name and return.
> */
>
> if (m.isUnchecked())
> {
> result.clear();
> result.add(AnybodyPrincipal.ANYBODY_PRINCIPAL);
> break;
> }
> // Else, add all roles
> else
> {
> Iterator rolesIterator = m.getRoles().iterator();
> while (rolesIterator.hasNext())
> {
> String roleName = (String) rolesIterator.next();
> result.add(new SimplePrincipal(roleName));
> }
> }
> }
> }
>
> // If no permissions were assigned to the method return null to
> indicate no access
> if (result.isEmpty()) {
> result = null;
>
> return result;
>
> -------------------------------------------------------
>
>
>
> -------------------------------------------------------
> This SF.NET email is sponsored by:
> SourceForge Enterprise Edition + IBM + LinuxWorld =omething 2 See!
> http://www.vasoftware.com
> _______________________________________________
> Jboss-development mailing list
> [EMAIL PROTECTED]
> https://lists.sourceforge.net/lists/listinfo/jboss-development
>
>
>
> -------------------------------------------------------
> This SF.NET email is sponsored by:
> SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
> http://www.vasoftware.com
> _______________________________________________
> Jboss-development mailing list
> [EMAIL PROTECTED]
> https://lists.sourceforge.net/lists/listinfo/jboss-development
-------------------------------------------------------
This SF.NET email is sponsored by:
SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
http://www.vasoftware.com
_______________________________________________
Jboss-development mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-development
