• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

access to other beans and RMCFs?

 
Simon Ingram
Ranch Hand
Posts: 173
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The spec says on page 81 and 91 that "accessing resource managers and enterprise beans is disallowed in the session bean methods for which the container does not have a meaningful tx context or client security context."

I notice in the spec on page 80 table 2 and in HeadFirst Java pages 196, 207 and 216 that stateful session beans can access other beans and resource managers in ejbCreate (and also ejbRemove, ejbPassivate and ejbActivate).

Since these methods are not deeemed to take place in a transaction, I am confused. WOuld someone please clarify this issue.

with best regards
Simon
 
Roger Chung-Wee
Ranch Hand
Posts: 1683
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
What is important to realise is that, for stateful session beans, methods like ejbCreate() and ejbRemove() operate in a client security context because they are only invoked upon the client invoking create() or remove(). Contrast this with stateless session beans where the calling of these methods is not tied to the client and therefore operate without a client security context.
 
Simon Ingram
Ranch Hand
Posts: 173
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks for your reply, Roger. I now understand that a stateful bean has a client security context and the stateless bean does not. The spec. leads one to suppose that access to management resources and other beans requires both a security context AND a transaction. It is the transaction requirement that is causing the confusion, or are you saying that either the transaction OR the security context is enough to establish access?

regards
Simon
 
Roger Chung-Wee
Ranch Hand
Posts: 1683
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
According to the spec:

Accessing resource managers and enterprise beans is disallowed in the session bean methods for which the Container does not have a meaningful transaction context or client security context.
 
Simon Ingram
Ranch Hand
Posts: 173
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I'm sorry, Roger, but if access is DISallowed if the container does NOT have a transaction context OR a client security context, then it stands to reason that to be allowed access you require BOTH.

Simon
 
Roger Chung-Wee
Ranch Hand
Posts: 1683
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
No it does not follow, how can the negation of an OR condition require an AND condition?

By your reasoning, the ejbCreate() method of a stateful session bean could get resource manager and enterprise bean access only if the Container has both a meaningful transaction context and client security context. This is clearly not true as access is possible only because ejbCreate() has client security context - this method runs without a meaningful transaction context.
 
Simon Ingram
Ranch Hand
Posts: 173
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
My apologies. You are absolutely right!
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic