• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Junilu Lacar
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • Jeanne Boyarsky
  • Rob Spoor
  • Bear Bibeault
Saloon Keepers:
  • Tim Moores
  • Tim Holloway
  • Piet Souris
  • Carey Brown
  • Stephan van Hulst
Bartenders:
  • Frits Walraven
  • fred rosenberger
  • salvin francis

Am I missing something???

 
Greenhorn
Posts: 27
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Folks

From a message driven bean, I make a call to a session bean. The caller of the MDB as you know is the container and in the called session bean if I make a call to the method like getCallerPrincipal() on the Session bean's context what will be the result? How can I access restrict such a call from MDB as container propably wont fit into any of the roles.

Thanks and please relieve me of this confusion.
Vijay.
 
Ranch Hand
Posts: 98
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Probably you will get an UNAUTHORIZED user principal (container implementation specific thing).
 
Greenhorn
Posts: 9
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
you can use the security-identity flag and let the MDB run-as a defined role. You can also use the unchecked flag on the SB's methods.
 
Vijay Govind
Greenhorn
Posts: 27
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks Ajay. But I dont think your answers are related to my question and I my question is about restricting and not about allowing.
 
Ranch Hand
Posts: 364
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
my feeling is that you are not supposed to put security restrictions on the container
 
Vijay Govind
Greenhorn
Posts: 27
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hmmm...That might be it....Thanks a lot.
 
Greenhorn
Posts: 21
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,

Just an idea.. If you don't want the MDB to invoke the Session bean, it means you are expecting only a certain roles to access the Session bean, In that scenario, you can specify the @RolesAllowed annotation in the Session Bean to enumerate the allowed application specific roles -- this will restrict the "anonymous" calls from the MDB.

Will that help..


Regards..Lawrence J
 
That new kid is a freak. Show him this tiny ad:
Thread Boost feature
https://coderanch.com/t/674455/Thread-Boost-feature
reply
    Bookmark Topic Watch Topic
  • New Topic