wood burning stoves*
The moose likes EJB Certification (SCBCD/OCPJBCD) and the fly likes query about RunAs annotation ? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Certification » EJB Certification (SCBCD/OCPJBCD)
Bookmark "query about RunAs annotation ?" Watch "query about RunAs annotation ?" New topic
Author

query about RunAs annotation ?

gurpeet singh
Ranch Hand

Joined: Apr 04, 2012
Posts: 924
    
    1

Lets have 2 stateless session beans A and B. also there is servlet which invokes method on Bean A which further invokes method on Bean B. consider following snippets of code and DD.

SessionBean A :



Session Bean B :





sun-web.xml DD




Servlet :



this is my web.xml





in the glassfish security realm/domain i have created a group named test with 2 users namely ammu and anuj. in the dd above i have mapped role guest to this group name test. also i have a role admin mapped to principal guru. now when i invoke my servlet i get the following exception :


|#]


however if i dont use <group-name> tag in <security-role-mapping> and instead use <principal-name> then it works fine .

what i was testing is how does RunAs works ? specifically, say i specify @RunAs("guest") on session bean A. now lets say there are more than one principal/user with role as guest(for that i created a group). now when we invoke method of SessionBean A it will run as identity guest(no matter what was the role of original caller when we invoked servlet). and the same identity will be passed on to SessionBean B. now i wanted to check in session bean B what does SessionContext.getCallerPrincipal().getName() returned, since there are 2 prinicipals with role guest. ?
Frits Walraven
Creator of Enthuware JWS+ V6
Bartender

Joined: Apr 07, 2010
Posts: 1629
    
  23

Hi!

Maybe I am missing something but how do you authenticate to the web application? (I don't see a <auth-constraint> and also no <login-config> element)

now i wanted to check in session bean B what does SessionContext.getCallerPrincipal().getName() returned, since there are 2 prinicipals with role guest. ?

The Principal's name is not changed, it will be the name that was given when authentication took place. The role name however will be different (you can verify this with boolean isCallerInRole(java.lang.String roleName)

Regards,
Frits
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: query about RunAs annotation ?
 
Similar Threads
nightmare in running sample example from ejb 3 in action
@RunAs Application
ProgrammaticLogin in EJB - Oracle Glassfish 3.1 and JSP
Login Exception when using JDBC Realm (Glassfish V3.1 + IceFaces 2 + MySQL)
javax.annotation.security.RunAs throws exception