I'm having some problems getting my method permissions working correctly.
I'm using JBoss-3.2.1, and have set up an EJB bean with methods '*' as
unchecked, but with a few of the bean's methods requiring a certain role.
The problem is that whenever calling one of the restricted methods,
JBoss only sees the wildcard that is unchecked, and therefore thinks
that my restricted methods are also unchecked.
Am I not supposed to do this? Do I need to have the method permissions
in a certain order in the ejb-jar.xml file (which is going to be hard
since I'm using XDoclet)?
I've narrowed it down to BeanMetaData.java. It contains the following:
public Set getMethodPermissions(String methodName, Class[] params,
InvocationType iface)
{
...
// Check the permissioned methods list
iterator = getPermissionMethods();
while (iterator.hasNext())
{
MethodMetaData m = (MethodMetaData) iterator.next();
if (m.patternMatches(methodName, params, iface))
{
if (m.isUnchecked())
{
result.clear();
result.add(AnybodyPrincipal.ANYBODY_PRINCIPAL);
break;
}
else
...
Since m.patternMatches() returns true on "*", this method will exit here,
without ever coming to the more exact definition of methodName (if
"*" happens to come before in the list).
In the method getMethodTransactionType() in the same class, it does more
or less the same thing, but there it makes sure that there aren't more
exact matches before using the wildcard match.
I've checked CVS, and getMethodPermissions() still behaves the same way.
Am I doing something I shouldn't, or is this a bug in JBoss?
Eivind
-------------------------------------------------------
This SF.net email is sponsored by: The Robotic Monkeys at ThinkGeek
For a limited time only, get FREE Ground shipping on all orders of $35
or more. Hurry up and shop folks, this offer expires April 30th!
http://www.thinkgeek.com/freeshipping/?cpg=12297
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
