caller principal question from spec

 
Ranch Hand
Posts: 277
Hi All,
In section 21.1 of the spec it says:

bean.) If the run-as element is specified, a security principal that has been assigned to the specified security role will be used for the execution of the bean's methods and will be visible as the caller principal in the callee.


This statement seems to conflict with this statement found in section 21.2.5.1

Note that getCallerPrincipal() returns the principal that represents the caller of the enterprise bean, not the principal that corresponds to the run-as security identity for the bean, if any.


and with this statement found in section 21.2.5.2

Note that isCallerInRole(String roleName) tests the principal that represents the caller of the enterprise bean, not the principal that corresponds to the run-as security identity for the bean, if any.


Can anyone explain this apparent discrepancy?
Thanks,
 
Ranch Hand
Posts: 63
Hi Keith,
There are no conflicts, see the following example:
for the part of spec section 21.1
CallerEJB(run as Jacky)-----CalleeEJB(the caller principal Jacky is visible)
for the part of spec section 21.2.5.1
CallerEJB(run as Jacky)-----CalleeEJB(run as Keith, getCallerPrincipal() returns Jacky's Principal)
for the part of spec section 21.2.5.2
CallerEJB(run as Jacky)-----CalleeEJB(run as Keith, isCallerInRole("Jacky") returns true, isCallerInRole("Keith") returns false)
[ January 12, 2004: Message edited by: Jacky Chow ]
 
Keith Rosenfield
Ranch Hand
Posts: 277
Hi Jacky:
I'm still confused.
Let's say that for a particular bean that run-as has been declared in the deployment descriptor as follows

and Keith has been assigned as the security principal for the role of administrator.
Now let's say that a client running as Jacky calls a method of this bean. What would be returned by getCallerPrincipal in this method: Keith or Jacky?
Section 21.1 appears to suggest that Keith will be returned.
Section 21.2.5.1 appears to suggest that Jacky will be returned.

Is my understanding of these sections faulty?
[ January 12, 2004: Message edited by: Keith Rosenfield ]
 
Keith Rosenfield
Ranch Hand
Posts: 277
I just answered my own question. I was reading the spec incorrectly. Jacky, your answer was correct.
Thanks.
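
The rule the thread settles on, as an added example that is not part of any post: a plain-Java model (not the EJB API; `Bean`, `invoke` and the bean names are hypothetical) of a client running as Jacky calling a bean whose run-as role is mapped to Keith. The run-as bean itself still sees Jacky as its caller principal, while every bean downstream of it sees Keith.

```java
import java.util.ArrayList;
import java.util.List;

// Plain-Java model of run-as identity propagation. Bean and invoke() are
// hypothetical names for illustration, not part of the EJB API.
public class RunAsModel {
    static final List<String> log = new ArrayList<>();

    static class Bean {
        final String name;
        final String runAs; // principal mapped to the run-as role, or null if none
        final Bean next;    // bean this one calls, or null

        Bean(String name, String runAs, Bean next) {
            this.name = name;
            this.runAs = runAs;
            this.next = next;
        }

        // callerPrincipal models what getCallerPrincipal() returns inside this
        // bean: the identity the caller propagated, never this bean's own run-as.
        void invoke(String callerPrincipal) {
            log.add(name + ".getCallerPrincipal() = " + callerPrincipal);
            if (next != null) {
                // Outgoing calls carry the run-as principal when one is
                // configured; otherwise the caller's identity passes through.
                String outgoing = (runAs != null) ? runAs : callerPrincipal;
                next.invoke(outgoing);
            }
        }
    }

    public static void main(String[] args) {
        // Constructed scenario from the thread: the run-as role "administrator"
        // is mapped to principal Keith, and the client runs as Jacky.
        Bean audit = new Bean("AuditEJB", null, null);
        Bean callee = new Bean("CalleeEJB", null, audit); // no run-as: propagates its caller
        Bean admin = new Bean("AdminEJB", "Keith", callee);
        admin.invoke("Jacky");
        log.forEach(System.out::println);
    }
}
```

The practical consequence for access checks: code inside the run-as bean that authorizes on the caller principal is deciding on Jacky, while the same check in any bean it calls is deciding on Keith.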
 