>> According to Section 14.2 of the EJB 1.0 Spec, you should be able to do
>>
>> Identity roleIdentity = new Identity("roleName");
>>
>> This is not vendor-specific.
>Granted, but OTOH it's not working either ;-)
>Identity is an abstract class. Ye can't instantiate it. OTOH you can't
>instantiate Principal either which is used in EJB1.1.
>The workaround is to do getCallerIdentity().getName() which yields a
>String that you can work with.
Well, it looks like the spec is wrong. A workaround would be to create
your own identity class such as:
import java.security.Identity;
import java.security.IdentityScope;
import java.security.KeyManagementException;
public class RoleIdentity extends Identity {
public RoleIdentity(String name) {
super(name);
}
public RoleIdentity(String name, IdentityScope scope)
throws KeyManagementException {
super(name, scope);
}
}
and use that to create your Identity object. All the methods in the
Identity abstract class are implemented so you don't have to provide
any implementation. One potential problem with this is that an EJB
server has its own Identity subclass (weblogic.security.acl.GroupImpl
for WebLogic, I think). You need to make sure that the identity object
that you constructed based on your class will be considered the
same identity based on the vendor's class for the same String name.
Check out the final method equals() defined in the Identity class.
Of course, you may use the vendor's class directly if you don't have
problems with that.
In any case, this problem should go away in EJB 1.1 because the method
isCallerInRole(String roleName) has been changed to take a String role name
instead of an
Identity object.
-Jian
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
