File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes EJB Certification (SCBCD/OCPJBCD) and the fly likes MDB security context and Java Ranch learning materials Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Certification » EJB Certification (SCBCD/OCPJBCD)
Bookmark "MDB security context and Java Ranch learning materials" Watch "MDB security context and Java Ranch learning materials" New topic
Author

MDB security context and Java Ranch learning materials

Mike Miechowsky
Greenhorn

Joined: Feb 26, 2014
Posts: 3
I found out that Java Ranch learning materials says that getCallerInRole and getCallerPrincipal will throw exception when called by MDB. As it has been explain before on the forum it's not true. Maybe it would be good to correct this learning notes?

I am talking about: http://www.coderanch.com/how-to/java/ScbcdLinks, section "Notes and Information", position "Frits Walraven OCPEJBD 6 EJB 3.1 notes", page 2-14.
Frits Walraven
Creator of Enthuware JWS+ V6
Bartender

Joined: Apr 07, 2010
Posts: 1628
    
  23

Hi Mike,

found out that Java Ranch learning materials says that getCallerInRole and getCallerPrincipal will throw exception when called by MDB. As it has been explain before on the forum it's not true. Maybe it would be good to correct this learning notes?

I am willing to change my notes, but could you point me to that discussion?

Regards,
Frits
Mike Miechowsky
Greenhorn

Joined: Feb 26, 2014
Posts: 3
For example here: http://www.coderanch.com/t/573039/java-EJB-SCBCD/certification/EJB-MDB-isCallerInRole
Please see last two posts.

Also in Enthuware tests, there is an explanation:

Although there is no client for a MDB, it can still call isCallerInRole and getCallerPrincipal. This is as per Table 4, Section 5.5.1 of EJB 3.1 Specification.

As per Section 17.2.5.1, "getCallerPrincipal returns the principal that represents the caller of the enterprise bean, not the principal that corresponds to the run-as security identity for the bean, if any."

If the security identity has not been established getCallerPrincipal() will return a non-null principal that corresponds to container’s representation of the unauthenticated identity.


Unless there is something I don't get... I am a little confused, to be honest, about these two methods when invoked from within MDB method.
Frits Walraven
Creator of Enthuware JWS+ V6
Bartender

Joined: Apr 07, 2010
Posts: 1628
    
  23

Thanks, Mike!

I will update it this evening.

Regards,
Frits
Frits Walraven
Creator of Enthuware JWS+ V6
Bartender

Joined: Apr 07, 2010
Posts: 1628
    
  23

There is no IllegalStateException when used from the message listener method or business method interceptor method, but there is a IllegalStateException thrown when used from the PostConstruct method.

So I have updated the explanation into:

IllegalStateException
"when invoked from MessageDriven Bean/Session Bean/Singleton Bean (in the PostConstruct, PreDestroy lifecycle callback methods)"

Regards,
Frits
Mike Miechowsky
Greenhorn

Joined: Feb 26, 2014
Posts: 3
Many thanks.

BR
Mike
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: MDB security context and Java Ranch learning materials
 
Similar Threads
OCA Java 7 - preparing
Passed SCWCD with 96% today
Passed SCBCD 5 certification!
it's important to have a right set of material to start off learning a language
Passed SCBCD with 87%