File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes EJB Certification (SCBCD/OCPJBCD) and the fly likes EJB 3.1 MDB isCallerInRole() Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Certification » EJB Certification (SCBCD/OCPJBCD)
Bookmark "EJB 3.1 MDB isCallerInRole()" Watch "EJB 3.1 MDB isCallerInRole()" New topic
Author

EJB 3.1 MDB isCallerInRole()

Cosmin Nicolae Vacaroiu
Ranch Hand

Joined: Feb 10, 2011
Posts: 52

Hello,

In Enterprise.JavaBeans.3.1.6th.Edition it says that if you invoke isCallerInRole on MDB you get an Exception ! which seems legit.

BUT in the tests I do from Enthuware it says that it checks upon the value of @RunAs on the MDB, if any !

Who's wrong ?

ps: I'm takin the exam in 3 days, so a quick answer will be great.


SCJP 6 (93%), SQL Expert 11g (95%), SCWCD 6 (84%), OCE-EJBD 6 (98%), OCE-JPAD 6 (93%)
Mikalai Zaikin
Ranch Hand

Joined: Jun 04, 2002
Posts: 3199
    
    5
Hi !

I don't see here any contradiction.

1) Caller of MDB is unknown, so mdbContext.isCallerInRole(XXX) does not make sense and should throw exception.

2) On the other hand, the MDB may work as a caller of another EJB (like Stateless Session EJB), and developer can assign MDB a role which MDB will use when call *other* EJB. So sessionBeanContext.isCallerInRole(YYY) will make sense, since MDB will have some role assigned via @RunAs (or matching XML descriptor.)

HTH,
MZ


Free SCDJWS 5.0 Study Guide - SCDJWS 5.0 Quiz (How to get SCDJWS 5.0 Quiz)
Java Platform, Enterprise Edition 6 Web Services Developer Certified Expert Exam Study Guide and Quiz
Cosmin Nicolae Vacaroiu
Ranch Hand

Joined: Feb 10, 2011
Posts: 52

Well, my question is about the call for isCallerInRole done on mdbContext.
Mikalai Zaikin
Ranch Hand

Joined: Jun 04, 2002
Posts: 3199
    
    5
Cosmin Nicolae Vacaroiu wrote:Well, my question is about the call for isCallerInRole done on mdbContext.


Hello,

I am not sure I understand your question: what in particular is confusing?

The bean provider CAN invoke mdbContext.isCallerInRole(XXX), but it does not make sense (explained above), and container-provider-specific - it may return either something useful, or for example it may throw exception.

Please, refer EJB 3.1 specificatioon, section 5.4.13:



5.4.13 Security Context of Message-Driven Bean Methods

A caller principal may propagate into a message-driven bean’s message listener methods. Whether this occurs is a function of the specific message-listener interface and associated messaging provider, but is not governed by this specification.

The Bean Provider can use the @RunAs metadata annotation (or corresponding deployment descriptor element) to define a run-as identity for the enterprise bean. The run-as identity applies to the bean’s message listener methods and timeout methods. Run-as identity behavior is further defined in the Security chapter in Section 17.3.4.1.



HTH,
MZ
Cosmin Nicolae Vacaroiu
Ranch Hand

Joined: Feb 10, 2011
Posts: 52

This is the question:

A MDB with container managed transaction demarcation (CMTD) can call ... from within its onMessage() method.

one of the options: MessageDrivenContext.isCallerInRole()

the explanation:

Although there is no client for a MDB, it can still call isCallerInRole and getCallerPrincipal. This is as per Table 4, Section 5.5.1 of EJB 3.1 Specification.

These methods will return the values a per the "run-as" configuration of the bean. This is defined in Section 17.3.4





-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Anywayz, I tested myself and the results on Glassfish 3 are:

Mikalai Zaikin
Ranch Hand

Joined: Jun 04, 2002
Posts: 3199
    
    5
Cosmin Nicolae Vacaroiu wrote:This is the question:

A MDB with container managed transaction demarcation (CMTD) can call ... from within its onMessage() method.

one of the options: MessageDrivenContext.isCallerInRole()

the explanation:

Although there is no client for a MDB, it can still call isCallerInRole and getCallerPrincipal. This is as per Table 4, Section 5.5.1 of EJB 3.1 Specification.

These methods will return the values a per the "run-as" configuration of the bean. This is defined in Section 17.3.4


I am still not sure what is the question. I see you quoted some statement, probably from Enthuware quiz.


The @RunAs role defined on MDB (Bean1) does nothing to ctx.isCallerInRole(xxx) invoked in the same EJB (Bean1), it will make sense and can be checked only on the called EJB (Bean2).

As specification says, calling with bean1Ctx.isCallerInRole(xxx) gives unpredictable result in case Bean1 is MDB.

regards,
MZ

Cosmin Nicolae Vacaroiu
Ranch Hand

Joined: Feb 10, 2011
Posts: 52

Glassfish returns false and principan name Anonymous. But I think that the EJB Specification says it should throw Exception.
Same is true for Timeout methods.

Thanks.
the thread can be closed
Paul Anilprem
Enthuware Software Support
Ranch Hand

Joined: Sep 23, 2000
Posts: 3253
    
    2
Cosmin Nicolae Vacaroiu wrote:Glassfish returns false and principan name Anonymous. But I think that the EJB Specification says it should throw Exception.
Same is true for Timeout methods.

Thanks.
the thread can be closed


Hi Cosmin,
The specification clearly mentions isCallerInRole and getCallerPrincipal in Table 4 (page 149, Section 5.5.1) under "Bean method can perform the following operations". So that is why this is a correct option. GlassFish behaves accordingly.

HTH,
Paul.


Enthuware - Best Mock Exams and Questions for Oracle/Sun Java Certifications
Quality Guaranteed - Pass or Full Refund!
 
jQuery in Action, 2nd edition
 
subject: EJB 3.1 MDB isCallerInRole()
 
Similar Threads
get security info about the client
Question in MDB 2
Security for MDB
security-role-ref Tag In MDB?
Container callback restrictions...