Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Agile forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Default Security Role for MDB

 
Timothy Toe
Ranch Hand
Posts: 156
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
When I was reading �BANG!� on page 592 of HF-EJB, this question came to my mind :

If MDB can�t have <use-caller-identity> (which is the default for SB and EB), then by default, who�s identity gets propagated when a MDB calls another bean ? The container�s identity ? Can�t be right ?

Can anyone help me understand this ?
 
Valentin Crettaz
Gold Digger
Sheriff
Posts: 7610
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You may specify a run-as identity in the deployment descriptor that will identify the role to be taken by the message listener method (onMessage). If the latter method calls other methods, it will pass on the run-as identity. For more information, please have a look at section 21.6.4 of the EJB 2.0 specification.
 
Timothy Toe
Ranch Hand
Posts: 156
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I know I [may specify a run-as identity]. I question is, what if I don't specify anything. What is the default behaviour ? What is the default role that will be propagated to the other bean that the MDB calls ?

I know SB and EB has the default as <use-caller-identity/>. So... since MDB can't have this... what then ?

The smallest granularity for specifying a role in <run-as> is only as small as a class (class wide) ? We can't say, for ex :
method1 of beanA present itself as role1 to the method that it calls and
method2 of beanA present itself as role2 to the method that it calls
right ?


Crettaz, Many Thanks... oh and also Merry Christmas.
 
Valentin Crettaz
Gold Digger
Sheriff
Posts: 7610
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
OK I see...

The best way to discover that is to write a simple MDB A that calls a method m() declared in another bean B and in m() call getContext().getCallerPrincipal() to see what comes back.

Try it out, writing code is the best way to understand how things work

Merry Christmas to you, too.
[ December 23, 2004: Message edited by: Valentin Crettaz ]
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic