hmm, a sample is always better than a lot of copy/paste ;) *Romain Manni-Bucau* *Twitter: @rmannibucau <https://twitter.com/rmannibucau>* *Blog: **http://rmannibucau.wordpress.com/*<http://rmannibucau.wordpress.com/> *LinkedIn: **http://fr.linkedin.com/in/rmannibucau* *Github: https://github.com/rmannibucau*
2013/6/11 hwaastad <[email protected]> > I will asap :-) > > Another issue, perhaps. > > I've updated my sample project > I've added a "border layer" between jsf managed beans and ejb layer > > Maybe this is a little odd scenario, but anyhow. > > topology (I've skipped the debug statements): > > RequestScoped Bean -> Bordercontroller EJB -> BusinessBean EJB > > RequestScopedBean: > @Named > @RequestScoped > public class ViewController { > > @EJB private BorderController borderController; > public void action(ActionEvent event){ > borderController.sayHelloBorder(); > } > } > BorderControllerBean: > > @Stateless > @RunAs("InternalGroup") > @DeclareRoles({"InternalGroup","SuperAdmin"}) > public class BorderControl { > > @EJB > private BusinessBean businessBean; > @Resource > private SessionContext sessionContext; > > > @RolesAllowed("SuperAdmin") > public void sayHelloBorder() { > businessBean.sayHello(); > } > } > > BusinessBean; > @Stateless > @DeclareRoles({"InternalGroup", "SuperAdmin"}) > public class BusinessBean { > @Resource > SessionContext sessionContext; > > @RolesAllowed("InternalGroup") > public void sayHello() { > } > } > > In TomEE Access to the borderController is denied: > > ViewController Start > ViewController: User is in SuperAdmin > ViewController: Calling BorderController. Principal Name: admin > > > > In Glassfish: > > INFO: ViewController Start > INFO: ViewController: User is in SuperAdmin > INFO: ViewController: Calling BorderController. Principal Name: admin > INFO: BorderControl:Start > INFO: BorderControl: User is in SuperAdmin > INFO: BorderControl:Calling Businessbean. Principal Name: admin > INFO: BusinessBean Start > INFO: BusinessBean: User is in InternalGroup > INFO: BusinessBean: Hello: internal-user > > br, > hw > > > > > -- > View this message in context: > http://openejb.979440.n4.nabble.com/Tomee-and-security-role-mapping-tp4663567p4663639.html > Sent from the OpenEJB User mailing list archive at Nabble.com. >
