Joe Gittings wrote:
>
> Unfortunately, there is a bug in the way that MethodGuard treats a method
> that is inherited by more than one EJB deployed in the server.
>
> Currently, the "methods" Hashtable in MethodGuard keys roles by
> Method.toString(). Unfortunately, this does not correctly distinguish
> between methods that are inherited by several EJBs from a common
> superinterface. Method.toString() just produces the signature of the
> superinterface method.
>
> The consequence is that when declaring permissions for methods in a
> deployment descriptor, for a given method that is inherited by several
> EJBs, only the last permission will be stored.
>
> I would like to contribute a fix for this bug. The relevant files are
> attached. A new class, MethodSignature is introduced. This takes a BeanDesc
> as a argument to its constructor, as well as the standard Method.toString()
> value. MethodGuard has been modified to key entries in MethodGuard.methods
> by this class. JBeanHome and SecurityServiceImpl have been modified to pass
> MethodSignature to MethodGuard.checkGuard() and MethodGuard.add()
> respectively.
>
> I hope you like my contribution!
> Joe
Hi, Joe,
I have reproduce the bug and I have studied your contribution.
I have fixed the bug. The code I have submitted is a little bit
different to your contribution, mainly because of
the new structure of JOnAS source code.
The new structure was chosen in order to have several independent
modules, some of them will be integrated more easily in other projects
like Enhydra.
With this structure, your MethodSignature class causes me some
troubles,
because JBeanHome.java and SecurityServiceImpl.java need to use it
but are in different modules(jonas and jonas_ejb).
So I have changed the strategy, now GenIC generates the methods
signatures
" à la Gittings" ejbname + ":"+ method.toString()
and the setMethodRoleMapping method also rebuilt the methodGuard
hashtable with the same convention.
You can get the code via CVS.
I hope you agree with this.
Your name appears as contributor in the modified files.
Note that in the committed version I have also modify the security
service in order to get it more pluggable (thanks to John Ellis).
Now by default you will use JonasSecurityServiceImpl as default
implementation
of security service but you can redefine your own implementation
by setting in the jonas.security.implementation property of
jonas.properties
the name of your implementation class.
Best regards,
--
Philippe
Philippe Coq Evidian Phone: (33) 04 76 29 78 49
Bull S.A - 1 rue de Provence - 38432 Echirolles Cedex France
Download our EJBServer at http://www.objectweb.org
----
To unsubscribe, send email to [EMAIL PROTECTED] and
include in the body of the message "unsubscribe jonas-users".
For general help, send email to [EMAIL PROTECTED] and
include in the body of the message "help".
