On May 24, 2004, at 7:53 PM, David Jencks wrote:
(this is jira http://jira.codehaus.org/browse/OPENEJB-5 but the jira-mailing list link seems to be broken)
The EntityInstanceInterceptor calls flush on the context after the actual invocation has completed. This results in ejbStore being called on the ejb instance. However, the call is not routed through the rest of the interceptor stack. This results in:
wrong security permissions for the ejbStore call (EJBIdentityInterceptor skipped)
possible wrong identity (EJBRunAsInterceptor skipped)
What are the correct security permissions for ejbStore?
wrong environment for connector framework (ConnectionTrackingInterceptor skipped)
Currently the missing ConnectionTrackingInterceptor is causing npes for bmp tests as the framework attempts to find out if the connection requested in ejbStore is supposed to be shareable or unshareable. With container managed security and a realm mapping, a connection obtained under these circumstances could be for the wrong subject as well (runas interceptor missing).
I suspect similar problems hold for ejbActivate, ejbPassivate, and ejbLoad.
I'm not sure what we do here. Since these call backs can happen at any time, I'm not sure what the "right" identity will be.
-dain
