aspose file tools*
The moose likes EJB Certification (SCBCD/OCPJBCD) and the fly likes afterCompletion method Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Certification » EJB Certification (SCBCD/OCPJBCD)
Bookmark "afterCompletion method" Watch "afterCompletion method" New topic
Author

afterCompletion method

Sany Bel
Ranch Hand

Joined: Mar 12, 2004
Posts: 51
According to spec page # 80 the foolowing operations are allowed in afterCompletion method:
SessionContext methods: getEJBHome,
getEJBLocalHome, getCallerPrincipal,
isCallerInRole, getEJBObject,
getEJBLocalObject
JNDI access to java:comp/env
On Page 81, it says the following :
1) Invoking the getCallerPrincipal and isCallerInRole methods is disallowed in
the session bean methods for which the Container does not have a client security context.
2) Accessing resource managers and enterprise beans is disallowed in the session bean methods
for which the Container does not have a meaningful transaction context or client security context.
My question is that the getCallerPrincipal and isCallerInRole operations are allowed in afterCompletion method, which means it has a client security context. Then why can't it access resource managers and enterprise beans?


--------------<br />Sany Bel<br />SCJP 1.4, SCBCD
Dale Seng
Ranch Hand

Joined: Mar 22, 2004
Posts: 275
I think maybe because it's no longer got a "meaningful transaction context", but what the heck do I know?
--Dale--
Weerawit Maneepongsawat
Ranch Hand

Joined: Apr 11, 2002
Posts: 203
Originally posted by Sany Bel:
According to spec page # 80 the foolowing operations are allowed in afterCompletion method:
SessionContext methods: getEJBHome,
getEJBLocalHome, getCallerPrincipal,
isCallerInRole, getEJBObject,
getEJBLocalObject
JNDI access to java:comp/env
On Page 81, it says the following :
1) Invoking the getCallerPrincipal and isCallerInRole methods is disallowed in
the session bean methods for which the Container does not have a client security context.
2) Accessing resource managers and enterprise beans is disallowed in the session bean methods
for which the Container does not have a meaningful transaction context or client security context.
My question is that the getCallerPrincipal and isCallerInRole operations are allowed in afterCompletion method, which means it has a client security context. Then why can't it access resource managers and enterprise beans?


because the Transaction is gone in afterCompletion method,
Does it make sense?


Weerawit<br />SCJP 1.4, SCWCD 1.2, SCWCD 1.4, SCBCD 1.3, SCBCD 5.0, SCMAD 1.0, SCJA 1.0, SCDJWS, SCJD, SCEA, SCDJWS 1.5
Sany Bel
Ranch Hand

Joined: Mar 12, 2004
Posts: 51
But it still has client security context, which should be ok to access resource managers and enterprise beans as per the spec(look at point 2).
Valentin Crettaz
Gold Digger
Sheriff

Joined: Aug 26, 2001
Posts: 7610
The point two says that "Accessing resource managers and enterprise beans is disallowed in the session bean methods for which the Container does not have a meaningful transaction context or client security context.
The important part is "is disallowed". This is pure logic. Accessing the resource managers and enterprise beans is disallowed if the container does not EITHER have a transaction context OR a client security context. Thsi means that if any of those conditions (not both of them) is not true, then the access is disallowed.


SCJP 5, SCJD, SCBCD, SCWCD, SCDJWS, IBM XML
[Blog] [Blogroll] [My Reviews] My Linked In
Sany Bel
Ranch Hand

Joined: Mar 12, 2004
Posts: 51
That confuses me even more. Does that mean that the client has acesss to the resource managers if he has both transaction context and a client security context? If that is the case how is that ejbCreate, ejbRemove, ejbActivate, ejbPassivate have access to resource managers even if they do not have a valid transaction context?
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: afterCompletion method