Win a copy of Clojure in Action this week in the Clojure forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Am I missing something???

 
Vijay Govind
Greenhorn
Posts: 27
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Folks

From a message driven bean, I make a call to a session bean. The caller of the MDB as you know is the container and in the called session bean if I make a call to the method like getCallerPrincipal() on the Session bean's context what will be the result? How can I access restrict such a call from MDB as container propably wont fit into any of the roles.

Thanks and please relieve me of this confusion.
Vijay.
 
Hafizur Rahman
Ranch Hand
Posts: 98
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Probably you will get an UNAUTHORIZED user principal (container implementation specific thing).
 
Ajay Natarajan
Greenhorn
Posts: 9
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
you can use the security-identity flag and let the MDB run-as a defined role. You can also use the unchecked flag on the SB's methods.
 
Vijay Govind
Greenhorn
Posts: 27
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks Ajay. But I dont think your answers are related to my question and I my question is about restricting and not about allowing.
 
Edvins Reisons
Ranch Hand
Posts: 364
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
my feeling is that you are not supposed to put security restrictions on the container
 
Vijay Govind
Greenhorn
Posts: 27
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hmmm...That might be it....Thanks a lot.
 
Lawrence Johnbosco
Greenhorn
Posts: 21
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

Just an idea.. If you don't want the MDB to invoke the Session bean, it means you are expecting only a certain roles to access the Session bean, In that scenario, you can specify the @RolesAllowed annotation in the Session Bean to enumerate the allowed application specific roles -- this will restrict the "anonymous" calls from the MDB.

Will that help..


Regards..Lawrence J
 
I agree. Here's the link: http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic