• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Jeanne Boyarsky
  • Junilu Lacar
  • Henry Wong
Sheriffs:
  • Ron McLeod
  • Devaka Cooray
  • Tim Cooke
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Frits Walraven
  • Tim Holloway
  • Carey Brown
Bartenders:
  • Piet Souris
  • salvin francis
  • fred rosenberger

Container callback restrictions...

 
Ranch Hand
Posts: 194
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi All,

The spec says that in ejbCreate, ejbRemove, ejbActivate and ejbPassivate you can call from the SessionContext the isCallerInRole and getCallerPrincipal but with ejbActivate and ejbPassivate there is no direct caller.

Is this right that calls to isCallerInRole and getCallerPrincipal are allowed in ejbActivate and ejbPassivate?

The spec says so, so it must be, but there is no caller for these methods.

Thanx for any help...

James.
 
Ranch Hand
Posts: 209
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi James,

As per spec:


Invoking the getCallerPrincipal and isCallerInRole methods is disallowed in
the session bean methods for which the Container does not have a client security context.



For a SFSB instance there is a client security context when Container executes ejbActivate/ejbPassivate as stateful session bean is always associated with a particular client since its creation (i.e. since an instance of the bean has been created with the call to ejbCreate method)

Therefore, one can invoke security related methods on SessionContext when Container passivates/activates an instance of SFSB.

 
James Turner
Ranch Hand
Posts: 194
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Alex,

Thank you for your reply, I thought the client security context, like a transaction context was propagated as per call.

Thanx for your help.

James.
 
She'll be back. I'm just gonna wait here. With this tiny ad:
Devious Experiments for a Truly Passive Greenhouse!
https://www.kickstarter.com/projects/paulwheaton/greenhouse-1
    Bookmark Topic Watch Topic
  • New Topic