This week's book giveaway is in the Security forum.
We're giving away four copies of Penetration Testing Basics and have Ric Messier on-line!
See this thread for details.
Win a copy of Penetration Testing Basics this week in the Security forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Lifecycle callbacks, transaction and security contexts

Raf Szczypiorski
Ranch Hand
Posts: 383
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
In the specs section 4.3.4 says for each lifecycle callback, that it runs in an unspecified security and transaction context. However, for statefull session beans, according to the table on page 79, we can call EJBContext.getCallerPrincipal() / isCallerInRole(). This would imply that they return valid results, and security context does exist. Also, we can use other beans, resource managers and so on, which would mean there is some transaction context.
Could someone clear this up for me, please?

  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic