Win a copy of Kotlin in Action this week in the Kotlin forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Security in enterprise bean  RSS feed

 
Fisher Daniel
Ranch Hand
Posts: 582
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Dear all,
What is the differences between user-caller-identity and run-as identity?
thanks
daniel
 
Lasse Koskela
author
Sheriff
Posts: 11962
5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Let's say your EJB client is a web application to which the user has logged in as "bob". The web application (a servlet or some helper class) looks up the EJB and executes a method.
What happens in the EJB-side is that (a) if the bean has <use-caller-identity/> set, the EJB container executes the method body as "bob", and (b) if the bean has a <run-as>mike</run-as>, the EJB container executes the method body as "mike". This difference, in turn, shows up when the method body attempts to access a restricted resource.
 
Pradeep bhatt
Ranch Hand
Posts: 8933
Firefox Browser Java Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Orielly book has a good example.
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!