Re: [VOTE] XBean 3.15 release
+1 Le 7 nov. 2013 07:12, "Alan D. Cabrera" a écrit : > +1 Looks good. > > > Regards, > Alan > > On Nov 6, 2013, at 8:55 PM, David Blevins wrote: > > > Ok, release rolled! > > > > Binaries: > > > > > https://repository.apache.org/content/repositories/orgapachegeronimo-086/ > > > > Tag: > > > > http://svn.apache.org/repos/asf/geronimo/xbean/tags/xbean-3.15/ > > > > > > 72 hours for voting! :) > > > > > > -David > > > >
Re: [VOTE] XBean 3.15 release
+1 Looks good. Regards, Alan On Nov 6, 2013, at 8:55 PM, David Blevins wrote: > Ok, release rolled! > > Binaries: > > https://repository.apache.org/content/repositories/orgapachegeronimo-086/ > > Tag: > > http://svn.apache.org/repos/asf/geronimo/xbean/tags/xbean-3.15/ > > > 72 hours for voting! :) > > > -David >
[VOTE] XBean 3.15 release
Ok, release rolled! Binaries: https://repository.apache.org/content/repositories/orgapachegeronimo-086/ Tag: http://svn.apache.org/repos/asf/geronimo/xbean/tags/xbean-3.15/ 72 hours for voting! :) -David
Re: XBean 3.15 release?
go on! will cast a vote after testing. LieGrue, strub - Original Message - > From: David Blevins > To: "dev@geronimo.apache.org" > Cc: > Sent: Monday, 4 November 2013, 3:15 > Subject: XBean 3.15 release? > > Anyone object if I roll an XBean 3.1.5 release? > > > -David >
Unable to inject No-Interface EJB with security defined
I am trying to deploy an enterprise application EAR consisting of:
- an EJB 3.1 module containing stateless session beans
- a web module containing servlets.
The server is Geronimo V3.0
The beans are exposed through the @LocalBean annotation and injected into
the servlets using the @EJB annotation.
Without any application security settings defined, everything works
flawlessly. But, as soon as I define even the simplest security setup,
injection fails with the message:
java.lang.IllegalArgumentException: Invalid method interface:
LocalBean
javax.security.jacc.EJBMethodPermission
$MethodSpec.checkMethodInterface(EJBMethodPermission.java:303)
javax.security.jacc.EJBMethodPermission$MethodSpec.
(EJBMethodPermission.java:209)
javax.security.jacc.EJBMethodPermission.
(EJBMethodPermission.java:90)
org.apache.geronimo.openejb.GeronimoSecurityService.isCallerAuthorized
(GeronimoSecurityService.java:100)
org.apache.openejb.core.stateless.StatelessContainer.invoke
(StatelessContainer.java:159)
org.apache.openejb.core.ivm.EjbObjectProxyHandler.synchronizedBusinessMethod
(EjbObjectProxyHandler.java:255)
org.apache.openejb.core.ivm.EjbObjectProxyHandler.businessMethod
(EjbObjectProxyHandler.java:235)
org.apache.openejb.core.ivm.EjbObjectProxyHandler._invoke
(EjbObjectProxyHandler.java:92)
org.apache.openejb.core.ivm.BaseEjbProxyHandler.invoke
(BaseEjbProxyHandler.java:284)
com.sun.proxy.$Proxy117.getSysTime(Unknown Source)
dk.danicon.servlet.Systime.doGet(Systime.java:43)
javax.servlet.http.HttpServlet.service(HttpServlet.java:575)
javax.servlet.http.HttpServlet.service(HttpServlet.java:668)
The security configuration works perfectly and prompts for credentials on
servlets defined with an annotation like the one below, if they don't try
to inject an EJB:
@ServletSecurity(@HttpConstraint(rolesAllowed={"admin"}))
I can make the injection work by removing the @LocalBean and implementing a
@Local interface instead. But, from what I have been able to read on the
subject, this *should* work with no-interface views as well - and I would
like to avoid the added overhead from the interface.
I am attaching a sample application below and hope someone can tell me what
I'm missing here?
(See attached file: TestEar.ear)
TestEar.ear
Description: Binary data
