You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@tomee.apache.org by "Andy Gumbrecht (JIRA)" <ji...@apache.org> on 2013/11/21 17:49:36 UTC

[jira] [Resolved] (OPENEJB-2046) @Asynchronous calls on void methods mask failing authentication

     [ https://issues.apache.org/jira/browse/OPENEJB-2046?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Andy Gumbrecht resolved OPENEJB-2046.
-------------------------------------

    Resolution: Fixed

Failures on void methods are logged at error level

> @Asynchronous calls on void methods mask failing authentication
> ---------------------------------------------------------------
>
>                 Key: OPENEJB-2046
>                 URL: https://issues.apache.org/jira/browse/OPENEJB-2046
>             Project: OpenEJB
>          Issue Type: Bug
>          Components: container system
>    Affects Versions: 4.6.0
>         Environment: NA
>            Reporter: Andy Gumbrecht
>            Assignee: Andy Gumbrecht
>            Priority: Critical
>             Fix For: 4.6.0
>
>
> Beans that are annotated with:
> @DeclareRoles({"role"})
> @RolesAllowed({"role"})
> That are called on a method annotated with:
> @Asynchronous
> ...fail silently as the EJBAccessException that is thrown is never logged, and (due to the nature of asynchronous) is never propagated.
> The EJBAccessException occurs because the role is not propagated correctly into ThreadContext where containers that call getSecurityService().isCallerAuthorized



--
This message was sent by Atlassian JIRA
(v6.1#6144)