Hi Scott,
Took me a while until I got around to test this again.
Are you populating the Subject with your own Roles group
Yes.
instance? Validation of the special ANYBODY only works with
org.jboss.security.NestableGroup for any release version.
This restriction was removed a couple of
$, readDateSequences$,
readParties$, createUnverifiedTradesBO$, readBal
Sebastian
-Original Message-
From: Scott M Stark [mailto:[EMAIL PROTECTED]
Sent: Monday, June 23, 2003 7:54 PM
To: [EMAIL PROTECTED]
Subject: Re: [JBoss-user] unchecked/ method security fails
Unchecked in JBoss does
Are you populating the Subject with your own Roles group
instance? Validation of the special ANYBODY only works
with org.jboss.security.NestableGroup for any release
version. This restriction was removed a couple of days ago
so you could test against any branch 3.0 and higher if this
is the case.
Unchecked in JBoss does not mean anonymous by default. A caller still
must be authenticated, but there will be no authorization check. If
you want to allow anonymous access to an unchecked ejb you need to
configure the security domain login modules to allow this. Most JBoss
login modules support