#66 Security Changes

[Scott M Stark]

Added support for the EJB2.0 ejb-jar/assembly-
descriptor/method-permission/unchecked
element that allows a method to be declared as
accessible by all.

Added support for the EJB2.0 ejb-jar/assembly-
descriptor/exclude-list
element that allows a method to be declared as
accessible to no one.

Added an unauthenticated-principal element to allow
for the specification of
the principal that should be returned by the
EJBContext.getCallerPrincipal() method.
This principal has no assigned roles.

Added support for a jboss/container-
configurations/container-configuration/security-domain
element that allows for the security manager name.
This should be used in place of
the role-mapping-manager and authentication-module
elements. You can no longer supply
independent role mapping and authentication functions.

The custom security proxy interceptor has been broken
out into a SecurityProxyInterceptor
that is only added to a container if the configuration
has requested a custom security
proxy. The interceptor is inserted before the
container interceptor so that the
EJBContext and bean instance are available to the
custom security proxy.

[Nobody/Anonymous]

Logged In: NO

Hi, I was wondering if this already been added?
" The next JBoss release will provide more control over
the default cache policy behavior. "

from forum:
http://www.jboss.org/forums/thread.jsp?forum=49&thread=2778&message=122833&redirect=true&hilite=true
&q=flush+user+authentiaction+cache