Re: isCallerInRole(...) always return false

David Blevins Tue, 18 Dec 2007 13:54:50 -0800


On Dec 18, 2007, at 12:54 PM, cvx22 wrote:

Hi gurus,
I'm just starting my experience with javaee and apache Geronimo. Thefirst
is EJB. I created simple session bean based on MyPhonebookBean from
Geronimo's pages. I spen't much time on login configuration and itworks.
now i have a problem with <context>.isCallerInRole().
Each time I invoke this method on SessionContext, it return false.
getCallerPrincipal method works correctly.
@RolesAllowed("Reader") works correctly. without clientauthorizations I
can't invoke this method.
The strange thing is, ctx.isCallerInRole("Reader") returns false. Ireally
don't now why.
Why @RolesAllowed is ok, but isCallerInRole not.
I think this may be some configuration error or bug.
I have no idea where is problem. Last thing I wish to do, is sourcecodedebugging, started it, but it is hard work and until now didn'tfound any
hint.
I need this method working correctly for beans, which I plan to write.


Add @DeclareRoles({"Reader"}) to the class and it should work fine.

-David

thanks for help.
Artur,

Geronimo is 2.0.2.
more about code:
I use standalone ejb client. there is most important part of code:
=====================
        Properties env = new Properties();
        
        String jndiProvider =
"org.apache.openejb.client.RemoteInitialContextFactory";
        env.put( Context.INITIAL_CONTEXT_FACTORY , jndiProvider);
        env.put( Context.PROVIDER_URL, "tcp://127.0.0.1:4201");
        env.put( Context.SECURITY_PRINCIPAL, "user");
        env.put( Context.SECURITY_CREDENTIALS, "password");
        env.put( "openejb.authentication.realmName", "test-realm");
        
        try {
                Context ctx = new InitialContext(env);
        
            Object obj = ctx.lookup( "MyPhonebookBeanRemote");
            System.out.println("Accessing: "+obj.getClass());
        
            MyPhonebookRemote pbr = (MyPhonebookRemote) obj;
            PhoneBook b = pbr.findByPrimaryKey("Joe");
        
=====================
in MyPhonebookBean class i have method:
where SessionContext ctx;
=====================
       @RolesAllowed("Reader")
       public PhoneBook findByPrimaryKey(String name) {
               EntityManager em = emf.createEntityManager();
               System.out.println("Caller.role:
"+ctx.isCallerInRole("Reader"));
   [...]
=====================
in openejb-jar.xml there is just:
threre is also security realm description "test-ream" cooperating with

MySQL. it works correctly (i.e. if i chage password in DB, usercan't login)

=====================

<security xmlns="http://geronimo.apache.org/xml/ns/security-2.0">

               <role-mappings>
                       <role role-name="Reader">
                               <principal

class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"

name="Reader"/>
                       </role>
       [...]
=====================

--
View this message in context: 
http://www.nabble.com/isCallerInRole%28...%29-always-return-false-tp14405574s134p14405574.html

Sent from the Apache Geronimo - Users mailing list archive atNabble.com.

Re: isCallerInRole(...) always return false

Reply via email to