File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes EJB Certification (SCBCD/OCPJBCD) and the fly likes RunAs and EJBCallerPrincipal Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Certification » EJB Certification (SCBCD/OCPJBCD)
Bookmark "RunAs and EJBCallerPrincipal" Watch "RunAs and EJBCallerPrincipal" New topic
Forums: EJB Certification (SCBCD/OCPJBCD) Websphere
Author

RunAs and EJBCallerPrincipal

sandeeprajsingh tandon
Ranch Hand

Joined: Mar 06, 2009
Posts: 70
Hi, I am trying to invoke a Session Bean BeanA's methodA ()via an MDB MDB1. Both MDB1 and SessionBean BeanA has RunAs("my user") annotation on it.
The user has been mapped on WAS 7 to correct roles.

I am trying to get the CalllerPrincipal from,
- the ejbcontext in the methodA of the BeanA and
- the messagedrivenbeancontext in onMessage method of MDB1.

At both places i get UNAUTHENTICATED for the caller principal
How can i get the RunAs User in the session bean, BeanA's method A.
Frits Walraven
Creator of Enthuware JWS+ V6
Bartender

Joined: Apr 07, 2010
Posts: 1675
    
  25

Hi,

I am not sure whether I understand you correctly, but the MBD is calling you Session bean, right?

In that case there is no Principal involved as MBD's don't have a client.

Regards,
Frits
sandeeprajsingh tandon
Ranch Hand

Joined: Mar 06, 2009
Posts: 70
Frits, you have understood me correctly.
MDBs are calling session bean but MDB has been configured as RUNAS(my user) also the Session Bean has been configured as RunAs(My User)

Are you saying, since MDBs dont have a client to access them, there is no way i can get callerPrincipal ?
Does RunAs not alter the caller principal atleast on Session beans?

What are my alternatives.
Actually my session bean is supposed to set principal object it recieves in Database Session
Its currently setting up 'UNAUTHENTICATED'. Is there a way i can pass the 'myuser' principal to my Session bean or is there any other option to pass the myuser user?



Frits Walraven
Creator of Enthuware JWS+ V6
Bartender

Joined: Apr 07, 2010
Posts: 1675
    
  25

Are you saying, since MDBs dont have a client to access them, there is no way i can get callerPrincipal ?

Yes, as there is no authentication in place, there is no Principal involved (unless you have something ejb-container vendor dependent feature)
From the EJB3.1 specs:
5.4.13 Security Context of Message-Driven Bean Methods
A caller principal may propagate into a message-driven bean's message listener methods. Whether this occurs is a function of the specific message-listener interface and associated messaging provider, but is not governed by this specification.

Where do you you thought you would get your Principal from?

Does RunAs not alter the caller principal atleast on Session beans?

Nope, The RunAs annotation just tells the bean to play in another role (you are altering the Role of the Principal, not the name)

What are my alternatives.

Check the messaging provider if and how it is possible to map a user to a MDB.

Regards,
Frits
sandeeprajsingh tandon
Ranch Hand

Joined: Mar 06, 2009
Posts: 70
thanks frits. I will check the documentation. I know in WAS i can get somethign like a SUBJECT but will need to see if that solves my problems.
sandeeprajsingh tandon
Ranch Hand

Joined: Mar 06, 2009
Posts: 70
I finally solved it by Having a RunAs annotation on MDB and configuring its binding file[ibm-application-bnd.xml] like this.



and also adding @DeclareRoles({"Authenticated"}) on top of my sesion bean that is invoked from the mdb.
that gives me the principal from the sessioncontext.
ejb-jar.xml looks like this

Frits Walraven
Creator of Enthuware JWS+ V6
Bartender

Joined: Apr 07, 2010
Posts: 1675
    
  25

Thanks for coming back and putting your solution here.

Regards,
Frits

N.B. I have added "Code" tags around the XML-code. You can do that yourself next time by pressing the "Code" button
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: RunAs and EJBCallerPrincipal