Hi give your conf please
- Romain 2012/6/21 Anthony Fryer <[email protected]> > I have a Stateless Session EJB with an injected SessionContext. I have a > method where i try to use the isCallerInRole method to determine if a user > is an ADMIN user or not but this method always returns false, even for > users > that are ADMIN users. The code is below... > > @Stateless > public class UserImpl implements UserService { > > @PersistenceContext(unitName="poker-entities") private EntityManager > em; > > @Resource private SessionContext sctx; > > @Override > @RolesAllowed({"ADMIN","USER"}) > @TransactionAttribute(TransactionAttributeType.REQUIRED) > public void userUpdate(User user) { > > User currentUser = this.findCurrentUser(); > if (currentUser == null || (currentUser.getId() != > user.getId() && !sctx.isCallerInRole("ADMIN"))) { > throw new EJBAccessException("Principal does not > have permission to call this method"); > } > > em.merge(user); > } > } > > If i change the @RolesAllowed annotation to @RolesAllowed({"ADMIN"}) which > guarantees that only ADMIN users can call the method, the call to > sctx.isCallerInRole("ADMIN") still returns false. > > Cheers, > > Anthony > > -- > View this message in context: > http://openejb.979440.n4.nabble.com/SessionContext-isCallerInRole-always-returns-false-tp4655705.html > Sent from the OpenEJB User mailing list archive at Nabble.com. >
