I now understand that the result of getCallerIdentity is not affected by the
RunAs mode of the currently executing method, but it is affected by the
RunAs mode of the EJBean method which invoked the currently executing bean
method. Of course, if the currently executing method was not invoked from
another EJBean method, then this is not an issue.
To summarize the consensus on this:
The getCallerIdentity method will return the identity specified in the RunAs
mode of the EJBean method which invoked the currently executing method. If
the RunAs mode of the invoker is CLIENT_IDENTITY, then it will return the
Identity associated with the invoker of the invoker of the currently
executing method. If the RunAs mode of the invoker is SPECIFIED_IDENTITY,
then a specific instance of Identity will be returned. If the RunAs mode of
the invoker is SYSTEM_IDENTITY, then it will return a platform specific
Identity with system priveleges. If the invoker is not another EJBean, then
getCallerIdentity will return the Identity of the Principal responsible for
the request.
--Chip
> -----Original Message-----
> From: Sriram Srinivasan [SMTP:[EMAIL PROTECTED]]
> Sent: Thursday, March 11, 1999 2:42 PM
> To: [EMAIL PROTECTED]
> Subject: Re: getCallerIdentity and RunAs mode
>
> Chip Wilson wrote:
> >
> > Is the result of getCallerIdentity in EJBContext affected by the RunAs
> mode
> > of the bean method calling it?
> >
> > The spec seems vague on this. I would love to hear from one of the spec
> > authors, but I'll take any opinions I can get!
>
> Yes. getCallerIdentity should be the new identity, otherwise what's the
> point of changing the identity? It is no different from setuid.
>
> S.
>
> ==========================================================================
> =
> To unsubscribe, send email to [EMAIL PROTECTED] and include in the
> body
> of the message "signoff EJB-INTEREST". For general help, send email to
> [EMAIL PROTECTED] and include in the body of the message "help".
>
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
