• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Why doesn't EJBContext offer a method like getCallerRole to obtain the caller's role?

 
Mellon Sun
Ranch Hand
Posts: 126
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
EJBContext has isCallerInRole() and getCallerPrincipal(), but how could I get the caller's role?
[ December 17, 2008: Message edited by: Mellon Sun ]
 
Ralph Jaus
Ranch Hand
Posts: 342
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
how could I get the caller's role?
You can recover it through evaluating isCallerInRole: Though not very elegant, but works.
 
Mellon Sun
Ranch Hand
Posts: 126
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Is there a method to get all the roles?
 
Ralph Jaus
Ranch Hand
Posts: 342
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Is there a method to get all the roles?

No. Moreover you have to declare each role you want to use in isCallerInRole in the @DeclareRoles annotation. If you use a different one you'll get an error.
[ December 17, 2008: Message edited by: Ralph Jaus ]
 
Ralph Jaus
Ranch Hand
Posts: 342
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I want to add:

To my understanding the EJB role model goes in the other direction: First, the bean provider defines appropriate roles for his or her application. Then he or she specifies which role is allowed to use which business methods (@RolesAllowed) or how the business logic depends on the role of the caller (isCallerInRole).

In this point of view there is no need to determine the possible roles in a business method.

But my understanding may be a little bit limited. Interesting topic anyway.
[ December 17, 2008: Message edited by: Ralph Jaus ]
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic