File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes EJB Certification (SCBCD/OCPJBCD) and the fly likes run-as related question Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Certification » EJB Certification (SCBCD/OCPJBCD)
Bookmark "run-as related question" Watch "run-as related question" New topic
Author

run-as related question

Leena Diwan
Ranch Hand

Joined: Jun 18, 2001
Posts: 351
What is the implication of specifying the run-as identity for a bean?

My understanding is as follows :
1. The run-as identity gets passed in the call chain, unless another run-as specified for another bean in the call chain.
2. If the security infrastructure performs principal mapping, the getCallerPrincipal() method returns the principal that is the result of the mapping, not the original caller principal. Is there a 'logical' principal in picture, so that a mapping needs to be performed? I did not read anyone else deal with Principals except the Deployer.

3. Specifying run-as does not change the result of getCallerPrincipal() or isCallerInRole() methods for both the beans involved. Please confirm this for me. If this is true, in what way we can 'check' the presence of the <run-as> identity in the other bean?

Regards,
Leena


[SCJP2, SCWCD1.3, SCBCD]
Subhash Bhushan C
Ranch Hand

Joined: Jan 27, 2005
Posts: 106
Let me try to clear your doubts with theory first, and then give an example:

1.

The run-as identity gets passed in the call chain, unless another run-as specified for another bean in the call chain.

Correct. If Bean A has specified as a <run-as> as "SuperBean", its original principal belonged to the role "VIPCustomer", and if it calls Beans B and C, then Beans B and C will see the principal as "SuperBean" role. Unless Bean B declares a <run-as> of its own of course.

2.

If the security infrastructure performs principal mapping, the getCallerPrincipal() method returns the principal that is the result of the mapping, not the original caller principal. Is there a 'logical' principal in picture, so that a mapping needs to be performed? I did not read anyone else deal with Principals except the Deployer.

Yes, a logical principal is in the picture, when Bean A specifies its own <run-as>. And yes, the Deployer usually changes the duplicate name provided by the Application-Assembler with the correct role in the operational environment. But this rule need not be strictly adhered to. Bean A can always use another dummy logical role, just because Bean B needs a specific kind of role to operate.

3.

Specifying run-as does not change the result of getCallerPrincipal() or isCallerInRole() methods for both the beans involved. Please confirm this for me. If this is true, in what way we can 'check' the presence of the <run-as> identity in the other bean?

Specifying <run-as> does change the result of getCallerPrincipal() or isCallerInRole() methods for Bean B. Bean B will see the role specified by the run-as of Bean A as its principal. Remember, "Establishing a run-as identity for an enterprise bean does not affect the identities of its callers, which are the identities tested for permission to access the methods of the enterprise bean. The run-as identity establishes the identity the enterprise bean will use when it makes calls".

Hope an example will clear your doubts.

Beans Involved: Bean A, Bean B and Bean C.

Roles in Beans:
Bean A (Request for Leave) :
Chairman
Manager
HR
Bean B (Request for Leave) :
Employee
Bean C (Grant the Actual leave) :
I only base my decisions whether the person who is calling me is NeedApproval or DontNeedApproval.

Lets assume a scenario where a Hard-working employee is trying to request for leave.

Bean A :
Caller Principal : Real employee of the organization (Chairman, Manager or HR)
Logic : Upper rung of the ladder; do not need any approval.
Run-as : DontNeedApproval
Calling Bean : Bean C
Bean B :
Caller Principal : Real employee of the organization (Employees)
Logic : Lower rung of the ladder; do not need any approval.
Run-as : NeedApproval
Calling Bean : Bean C
Bean C :
Caller Principal : NeedApproval or DontNeedApproval
Logic : If the caller is NeedApproval, log the entry to his respective Manager's desk and stop there. Else if the caller is DontNeedApproval, directly approve the leave immediately.
Run-as : NA
Calling Bean : NA
[ March 06, 2005: Message edited by: Agni Vartula ]

Regards,<br />Subhash Bhushan.
Leena Diwan
Ranch Hand

Joined: Jun 18, 2001
Posts: 351
Thank you Agni for taking time to write an example also. It is clear now.

Regards,
Leena
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: run-as related question
 
Similar Threads
caller principal question from spec
run-as
getCallerPrincipal()
Security - Principal & run-as-identity
Doubt with EJB Programmatic Security