Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Critical Critical
    • Resolution: Fixed
    • Affects Version/s: 2.0.1, 2.1
    • Fix Version/s: 2.0.2, 2.1
    • Component/s: OpenEJB, security
    • Security Level: public (Regular issues)
    • Labels:
      None
    • Environment:

      All

      Description

      Currently access to MEJB is not controlled. Add configurable security for MEJB.

      1. MEJB.java
        1 kB
        Anita Kulshreshtha
      2. mejb-ear-2.1-SNAPSHOT.ear
        17 kB
        Anita Kulshreshtha
      3. mejb.patch
        43 kB
        Anita Kulshreshtha
      4. configs.patch
        0.5 kB
        Anita Kulshreshtha
      5. mejb-ejb-2.1-SNAPSHOT.jar
        7 kB
        Anita Kulshreshtha
      6. mejb-war-2.1-SNAPSHOT.war
        9 kB
        Anita Kulshreshtha
      7. configs.patch
        44 kB
        Anita Kulshreshtha
      8. configs.diff
        21 kB
        Anita Kulshreshtha
      9. mejb.diff
        19 kB
        Anita Kulshreshtha
      10. GERONIMO-3456.patch
        77 kB
        Anita Kulshreshtha

        Activity

        Anita Kulshreshtha created issue -
        Hide
        Donald Woods added a comment -

        Fix needs to go into trunk, too...

        Show
        Donald Woods added a comment - Fix needs to go into trunk, too...
        Donald Woods made changes -
        Field Original Value New Value
        Fix Version/s 2.1 [ 12312602 ]
        Affects Version/s 2.1 [ 12312602 ]
        Hide
        Anita Kulshreshtha added a comment -

        I have attached MEJB for review. It can be deployed as an ear or stand alone ejb module. I have tested it by deploying it as an ear on trunk. The ear file is also attached. The ear contains an extra web part that is meant only for testing. By default the "mejbuser" role is mapped to "admin" .

        Show
        Anita Kulshreshtha added a comment - I have attached MEJB for review. It can be deployed as an ear or stand alone ejb module. I have tested it by deploying it as an ear on trunk. The ear file is also attached. The ear contains an extra web part that is meant only for testing. By default the "mejbuser" role is mapped to "admin" .
        Anita Kulshreshtha made changes -
        Attachment mejb-ear-2.1-SNAPSHOT.ear [ 12365930 ]
        Attachment MEJB.java [ 12365929 ]
        Hide
        Anita Kulshreshtha added a comment -
        • mejb.patch deploys MEJB as an EJB module. The JNDI lookup is (available from var/geronimo.log)
          mejb-ejb/ejb/mgmt/MEJB/javax.managemment.j2ee.ManagementHome.
        • configs.patch disables the old MEJB
        • The mejb-ejb jar is attached for convenience.
          "mejbuser' role is mapped to "admin"
        Show
        Anita Kulshreshtha added a comment - mejb.patch deploys MEJB as an EJB module. The JNDI lookup is (available from var/geronimo.log) mejb-ejb/ejb/mgmt/MEJB/javax.managemment.j2ee.ManagementHome. configs.patch disables the old MEJB The mejb-ejb jar is attached for convenience. "mejbuser' role is mapped to "admin"
        Anita Kulshreshtha made changes -
        Attachment configs.patch [ 12366180 ]
        Attachment mejb.patch [ 12366179 ]
        Attachment mejb-ejb-2.1-SNAPSHOT.jar [ 12366181 ]
        Hide
        Anita Kulshreshtha added a comment -
        • The app mejb-war-2.1-SNAPSHOT.war is an app to access MEJB
        Show
        Anita Kulshreshtha added a comment - The app mejb-war-2.1-SNAPSHOT.war is an app to access MEJB
        Anita Kulshreshtha made changes -
        Attachment mejb-war-2.1-SNAPSHOT.war [ 12366282 ]
        Hide
        Anita Kulshreshtha added a comment -
        • config.patch (created from configs dir) for building mejb config
        Show
        Anita Kulshreshtha added a comment - config.patch (created from configs dir) for building mejb config
        Anita Kulshreshtha made changes -
        Attachment configs.patch [ 12366359 ]
        Hide
        Anita Kulshreshtha added a comment -

        The configs.patch has duplicates. Please use configs.diff

        Show
        Anita Kulshreshtha added a comment - The configs.patch has duplicates. Please use configs.diff
        Anita Kulshreshtha made changes -
        Attachment configs.diff [ 12366363 ]
        Hide
        Anita Kulshreshtha added a comment -

        The mejb.patch also has duplicates. please apply mejb.diff to applications dir

        Show
        Anita Kulshreshtha added a comment - The mejb.patch also has duplicates. please apply mejb.diff to applications dir
        Anita Kulshreshtha made changes -
        Attachment mejb.diff [ 12366380 ]
        Hide
        Anita Kulshreshtha added a comment -

        The openejb deployer had to be modified to deploy applications without starting the openejb configuration. Once the patches for openejb
        and openejb-builder attached to [1] are committed, I will commit this work.

        [1] http://issues.apache.org/jira/browse/GERONIMO-3481

        Show
        Anita Kulshreshtha added a comment - The openejb deployer had to be modified to deploy applications without starting the openejb configuration. Once the patches for openejb and openejb-builder attached to [1] are committed, I will commit this work. [1] http://issues.apache.org/jira/browse/GERONIMO-3481
        Hide
        Anita Kulshreshtha added a comment -

        GERONIMO-3456 is the latest patch

        Show
        Anita Kulshreshtha added a comment - GERONIMO-3456 is the latest patch
        Anita Kulshreshtha made changes -
        Attachment GERONIMO-3456.patch [ 12366563 ]
        Hide
        Anita Kulshreshtha added a comment -

        committed in rev579616. The default security settings are -

        • "admin" - read access
        • To get R/W access create a "mejb-admin" group (GeronimoGroupPrincipal). Any user in this group will have R/W access
        Show
        Anita Kulshreshtha added a comment - committed in rev579616. The default security settings are - "admin" - read access To get R/W access create a "mejb-admin" group (GeronimoGroupPrincipal). Any user in this group will have R/W access
        Hide
        Vamsavardhana Reddy added a comment -

        Rev 579681 in branches\2.0.

        Show
        Vamsavardhana Reddy added a comment - Rev 579681 in branches\2.0.
        Hide
        Kevan Miller added a comment -

        Anita, can this jira be closed, now?

        Show
        Kevan Miller added a comment - Anita, can this jira be closed, now?
        Anita Kulshreshtha made changes -
        Resolution Fixed [ 1 ]
        Status Open [ 1 ] Closed [ 6 ]
        Transition Time In Source Status Execution Times Last Executer Last Execution Date
        Open Open Closed Closed
        34d 19h 56m 1 Anita Kulshreshtha 11/Oct/07 10:39

          People

          • Assignee:
            Anita Kulshreshtha
            Reporter:
            Anita Kulshreshtha
          • Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development