Re: [JBoss-user] required?

Michael Jara Tue, 10 Jul 2001 21:21:17 -0700
First of all, I had a type-o in my original message:  I meant to say
"<role-name>" was required, not "<role-ref>" (no such thing!)

My complete ejb-jar.xml is really long (which is why I was trying to leave
out the <role-link>s,) but here's a truncated section of it:

                <entity>
                        <ejb-name>ETSEvent</ejb-name>

<home>siemens.sea.gts.ets.ejb.event.ETSEventHome</home>

<remote>siemens.sea.gts.ets.ejb.event.ETSEvent</remote>

<ejb-class>siemens.sea.gts.ets.ejb.event.ETSEventBean</ejb-class>
                        <persistence-type>Container</persistence-type>
                        <prim-key-class>java.lang.String</prim-key-class>
                        <reentrant>False</reentrant>

... truncated CMP fields & EJB refs ...

                        <security-role-ref>
                                <description>Allowed to set events w/any
parameters</description>
                                <role-name>SystemAdministrator</role-name>
                        </security-role-ref>
                        <security-role-ref>
                                <description>Allowed to set events w/any
parameters</description>
                                <role-name>TOCOperator</role-name>
                        </security-role-ref>
                        <security-role-ref>
                                <description>Allowed to set construction
events only</description>
                                <role-name>Manager_Construction</role-name>
                        </security-role-ref>

... truncated remaining role refs ...

Then in a business method of that bean, I was using
"context.isCallerInRole("SystemAdministrator")" and
"context.isCallerInRole("TOCOperator")".  These "isCallerInRole" calls
always failed (I double-checked spelling, re-deployed several times, put a
bunch of debug statements to show "context.getCallerPrincipal().getName()".

As soon as I added "<role-link>SystemAdministrator</role-link>" to the
security-role-ref, the code behaved correctly for SystemAdministrator users.
It was a simple matter to add role-links to the rest of my role-refs, but I
thought I should mention it.

Should I log a bug?

Thanks,
Mike

----- Original Message -----
From: "Scott M Stark" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, July 10, 2001 9:41 PM
Subject: Re: [JBoss-user] <role-link> required?


>
> Show your ejb-jar.xml descriptor.
> ----- Original Message -----
> From: Michael Jara
> To: [EMAIL PROTECTED]
> Sent: Tuesday, July 10, 2001 7:59 PM
> Subject: [JBoss-user] <role-link> required?
>
>
> I'm trying to use "isCallerInRole" inside an EJB, but it doesn't seem to
> return the correct information unless a <role-link> is present.  I beleive
> the EJB 1.1 spec says that <role-link> is optional (although <role-ref> is
> required.)  If <role-link> is not present, the value <role-ref> is treated
> as a <role-link>.
>
> I assume this is a (very minor) bug, I haven't seen any mention of it in
the
> list archives.  Can anyone confirm / deny this?
>
> Thanks,
> Mike
>
>
> _______________________________________________
> JBoss-user mailing list
> [EMAIL PROTECTED]
> http://lists.sourceforge.net/lists/listinfo/jboss-user
>


_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-user
Re: [JBoss-user] required?

Reply via email to
