I'm trying to convert some of our session beans to EJB 3.0 prior to an AS 5.0 
upgrade, and we use JAAS heavily in our server.

When I have the code:


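  | public interface TestSessionBean {
  |     public void execute();
  | }

  | import javax.annotation.Resource;
  | import javax.annotation.security.RunAs;
  | import javax.ejb.Local;
  | import javax.ejb.Remote;
  | import javax.ejb.SessionContext;
  | import javax.ejb.Stateless;
  | import javax.ejb.TransactionManagement;
  | import javax.ejb.TransactionManagementType;
  | 
  | @Stateless
  | @TransactionManagement(TransactionManagementType.CONTAINER)
  | @Remote(TestSessionBean.class)
  | @Local(TestSessionBean.class)
  | @RunAs("testRole")
  | public class TestSessionBeanImpl implements TestSessionBean {
  |     // Injected by the container; gives access to the caller's security identity
  |     @Resource
  |     private SessionContext context;
  | 
  |     public void execute() {
  |         System.out.println("CallerPrincipal: " + context.getCallerPrincipal().getName());
  |         System.out.println("CallerInRole(testRole): " + context.isCallerInRole("testRole"));
  |     }
  | }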

The bean is deployed correctly and can be invoked, but it prints "false", the 
caller is not in the "testRole", despite the RunAs annotation.

When I look through the 4.2.3 code, it looks like there may be a fence-post 
problem in org.jboss.security.SecurityAssociation$RunAsThreadLocalStack.peek() 
(Line 686), because the "testRole" RunAsIdentity is in the stack at the [1] 
position, null is at the [0] position, and it only looks at [0] and then exits 
because the depth is now 2.

Is this the correct behavior?  Did something change about RunAs for EJB 3.0?  

A similar configuration in an assembly descriptor granted the role to the bean 
it was defined for in the EJB 2.x version.

I also looked in JIRA and didn't see a bug directly about this problem.  I may 
try a preemptive upgrade to 5.0 and just see if the problem is resolved there.

-Andrew
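
As an added illustration (not part of the post above and not JBoss code): the EJB 3.0 specification defines the run-as identity as the one a bean uses for its outgoing calls, and isCallerInRole as a test of the current bean's own caller, so the place to observe @RunAs is a downstream bean. The names RoleProbe, RoleProbeBean, RunAsCaller and RunAsCallerBean are hypothetical.

```java
// Added illustration; all type names are hypothetical. Each public type goes
// in its own source file, since session bean classes must be top-level.
import javax.annotation.Resource;
import javax.annotation.security.DeclareRoles;
import javax.annotation.security.RunAs;
import javax.ejb.EJB;
import javax.ejb.Local;
import javax.ejb.SessionContext;
import javax.ejb.Stateless;

// --- RoleProbe.java ---
@Local
public interface RoleProbe {
    boolean callerHasTestRole();
}

// --- RoleProbeBean.java: downstream bean, reports on whoever called it ---
@Stateless
@DeclareRoles("testRole")
public class RoleProbeBean implements RoleProbe {
    @Resource private SessionContext context;

    public boolean callerHasTestRole() {
        // When reached through RunAsCallerBean, the caller identity seen here
        // is that bean's run-as identity (per the EJB specification).
        return context.isCallerInRole("testRole");
    }
}

// --- RunAsCaller.java ---
@Local
public interface RunAsCaller {
    String report();
}

// --- RunAsCallerBean.java: declares the run-as role and calls downstream ---
@Stateless
@RunAs("testRole")
@DeclareRoles("testRole")
public class RunAsCallerBean implements RunAsCaller {
    @Resource private SessionContext context;
    @EJB private RoleProbe probe;

    public String report() {
        boolean self = context.isCallerInRole("testRole"); // tests this bean's own caller
        boolean downstream = probe.callerHasTestRole();    // call made under the run-as identity
        return "self=" + self + " downstream=" + downstream;
    }
}
```

Comparing the two values on a given server version separates "the run-as role is not applied to outgoing calls" from "the run-as role is not reflected in the bean's own isCallerInRole".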
