• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Ron McLeod
  • Bear Bibeault
  • Liutauras Vilda
Sheriffs:
  • Jeanne Boyarsky
  • Tim Cooke
  • Junilu Lacar
Saloon Keepers:
  • Tim Moores
  • Tim Holloway
  • Stephan van Hulst
  • Jj Roberts
  • Carey Brown
Bartenders:
  • salvin francis
  • Frits Walraven
  • Piet Souris

MDB and calling other beans

 
Greenhorn
Posts: 17
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I can't find something to explicitly state this in the spec so i was hoping someone could set me straight.
MDBs have no clients so the app assembler cannot set its <security-identity> to <use-caller-identity>. (section 21.3.4 of spec).
Does that mean that the MDB will throw exceptions when it attempts to call another bean's methods, if the MDB's <security-identity> is not set to a <role-name> (using <run-as> of course) with sufficient authority?
If so, you would only need to specify a MDB's <security-identity > element if it called another bean.
 
Author & Gold Digger
Posts: 7617
6
IntelliJ IDE Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
According to the EJB specification 2.0, a MDB may only provide a run-as element within its security-identity element, use-caller-identity being forbidden for an MDB. The specification further states that "The run-as identity establishes the identity the enterprise bean will use when it makes calls."
What happens if you specify use-caller-identity in the security-identity element is container specific in my opinion. Logically, the container should prevent the MDB from being deployed if such a case happens. But, I firmly doubt that an exception would be raised at runtime as this would imply that the deployment was successful even though the deployment descriptor did not satisfy the specification which is a must for all EJB container implementors.
[ April 02, 2004: Message edited by: Valentin Crettaz ]
 
It's hard to fight evil. The little things, like a nice sandwich, really helps. Right tiny ad?
the value of filler advertising in 2020
https://coderanch.com/t/730886/filler-advertising
reply
    Bookmark Topic Watch Topic
  • New Topic