MDB: problem using group as principal name when using @RunAs annotation
posted 4 years ago
I am having a problem using group name as principal name when using @RunAs annotation in a message driven bean. I am not able to deploy the MDB.
I would like the code in my onMessage() method to be executed with a specific role/user, so I want to use the @RunAs annotation to achieve this.
I am running weblogic 10.3.5
I have created the following in weblogic console:
- Group "SampleGroup"
- User "SampleUser", member of "SampleGroup"
when I try to deploy the MDB jar in weblogic , the following error is thrown:
Unable to deploy EJB: UIMAdapterMessageDrivenBean from UIMCartridgeManagementAdapterEJB.jar:
The run-as security principal, 'SampleGroup', chosen for the EJB 'UIMAdapterMessageDrivenBean(Application: inventory-adapter, EJBComponent: UIMCartridgeManagementAdapterEJB.jar)' is not a valid user principal in the current security realm. Please specify a valid user principal for the EJB to use.
Instead of group name as principal name if I provide the user "SampleUser", every thing works fine and MDB works fine.
when we use run-as should the security principal always be user rather than a group. In that case how can I allow a certain group with a particular role execute onmessage.
rather than annotation I even tried using run-as attribute in the ejb-jar.xml , i.e