In an effort to eliminate unsolicited e-mail, I have installed SpamEnder.  You must 
REPLY to this e-mail, without modifying the subject line, so that SpamEnder will 
release your original message to my Inbox. Upon my approval, future e-mails you send 
to me will be released automatically. If you do not REPLY to this e-mail, SpamEnder 
will block all future e-mails from this address and will not give you another 
opportunity to reply.

----------------------------------------------------------
SpamEnder stops 100% of all SPAM e-mail and NEVER blocks the e-mail you wish to 
receive.  It even comes with a Money Back Guarantee.  For more information about 
SpamEnder, open your browser to http://www.spamender.com/
----------------------------------------------------------
Copyright 2003, Evolvian, Inc.

Excerpt from original message:
Hello,
Sorry for the confusion.  Name is not the problem.  I used the same
'administrator' for both the role and userName in my application.  Renamed
them in my email to try to avoid any confusion.

It might be related to the lack of another layer of indirect mapping in EJB
<security-role-ref>.
Anyway, I don't think a hard-coded programmatic security check is a good
approach.  Instead of using isCallerInRole(), I tried another method
isDeleteScheduleSuperUser() in my Session Facade:

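    // Returns true when deleteScheduleSuperUser() completes without throwing.
    private boolean isDeleteScheduleSuperUser() {
        try {
            deleteScheduleSuperUser();
        } catch (Exception e) {
            // bury the exception
            return false;
        }
        return true;
    }

    // Intentionally empty; declared so that a method permission can be set on it.
    public void deleteScheduleSuperUser() {
    }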

deleteScheduleSuperUser() has to be published in the remote interface,
and its method permission has to be defined in the deployment descriptors.

Thanks.
Denis

-----Original Message-----
From: A mailing list for Enterprise JavaBeans development
[mailto:[EMAIL PROTECTED] Behalf Of Evan Ireland
Sent: Monday, June 23, 2003 4:08 PM
To: [EMAIL PROTECTED]
Subject: Re: ejbSessionContext.isCallerInRoll()


Denis,

You have used two different names for the role. What happens if you call:

    getSessionContext().isCallerInRole("administrator") ?

> -----Original Message-----
> From: A mailing list for Enterprise JavaBeans development
> [mailto:[EMAIL PROTECTED] Behalf Of Denis Wang
> Sent: Tuesday, 24 June 2003 7:42 a.m.
> To: [EMAIL PROTECTED]
> Subject: ejbSessionContext.isCallerInRoll()
>
>
> Hi, all,
>
> I encounter the following problem when I debug a session facade:
> getSessionContext().getCallerPrincipal().getName()
>   (debug value: "administratorUser" )
> getSessionContext().isCallerInRole("administratorRole")
>   (debug value: false, which is not what I expected)
>
> The logged in user 'administratorUser' is believed to be in the role of
> 'administratorRole'.
> For example,
>    <method-permission>
>       <role-name>administrator</role-name>
>       <method>
>         <ejb-name>ScheduleSessionFacadeEJB</ejb-name>
>         <method-intf>Remote</method-intf>
>         <method-name>deleteSchedule</method-name>
>       </method>
>     </method-permission>
>
> If I comment out the line
> <role-name>administrator</role-name>
> the administratorUser will trigger an exception when trying to
> "deleteSchedule".
>
> It seems to me, the declarative Container Manager Security works, but my
> programmatic security check fails.  It is weird.
>
> Could anyone shed some light please?
> Thanks.
> Denis
>
> ==================================================================
> =========
> To unsubscribe, send email to [EMAIL PROTECTED] and include
> in the body
> of the message "signoff EJB-INTEREST".  For general help, send email to
> [EMAIL PROTECTED] and include in the body of the message "help".
>
>

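The <security-role-ref> indirection Denis mentions, as an added example that is not part of the original thread: EJB 2.x resolves the name passed to isCallerInRole() through the bean's <security-role-ref> entries, not directly against <security-role>. The descriptor below is constructed (bean and role names are taken from the thread; the <security-role-ref> entry and the resolve_role helper are assumptions), and the Python helper performs the same lookup offline.

```python
import xml.etree.ElementTree as ET

# Constructed ejb-jar.xml fragment (EJB 2.x layout, DOCTYPE omitted). Bean and role
# names come from the thread; the <security-role-ref> is the assumed missing piece.
EJB_JAR = """
<ejb-jar>
  <enterprise-beans>
    <session>
      <ejb-name>ScheduleSessionFacadeEJB</ejb-name>
      <security-role-ref>
        <role-name>administratorRole</role-name>
        <role-link>administrator</role-link>
      </security-role-ref>
    </session>
  </enterprise-beans>
  <assembly-descriptor>
    <security-role>
      <role-name>administrator</role-name>
    </security-role>
    <method-permission>
      <role-name>administrator</role-name>
      <method>
        <ejb-name>ScheduleSessionFacadeEJB</ejb-name>
        <method-intf>Remote</method-intf>
        <method-name>deleteSchedule</method-name>
      </method>
    </method-permission>
  </assembly-descriptor>
</ejb-jar>
"""

def resolve_role(descriptor, ejb_name, coded_name):
    """Return the security role that coded_name links to for ejb_name, or None."""
    root = ET.fromstring(descriptor)
    declared = {r.findtext("role-name", "").strip()
                for r in root.iterfind("assembly-descriptor/security-role")}
    for bean in root.iterfind("enterprise-beans/*"):
        if bean.findtext("ejb-name", "").strip() != ejb_name:
            continue
        for ref in bean.iterfind("security-role-ref"):
            if ref.findtext("role-name", "").strip() == coded_name:
                link = ref.findtext("role-link", "").strip()
                return link if link in declared else None  # dangling link
    return None  # name used in code has no <security-role-ref>

if __name__ == "__main__":
    for name in ("administratorRole", "administrator"):
        print(name, "->", resolve_role(EJB_JAR, "ScheduleSessionFacadeEJB", name))
```

A result of None for a name that the bean code passes to isCallerInRole() marks a reference the descriptor still has to declare.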