• Post Reply Bookmark Topic Watch Topic
  • New Topic

propogating security principals from web tier to EJB tier  RSS feed

 
Suresh Magi
Greenhorn
Posts: 19
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I was working with EJB and i had a basic doubt in security propogation from the web tier to EJB tier.


I deployed an EJB on JBOSS app server and in that bean i was trying to get the caller principal object from the EJBContext and i was printing the name of the principal.

System.out.println(ctx.getCallerPrincipal().getName());

then i created ordinary EJB client which is a java class and when i invoked the business method i was getting the below error

Exception in thread "main" javax.ejb.EJBException: java.lang.IllegalStateException: No valid security context for the caller identity
at org.jboss.ejb3.tx.Ejb3TxPolicy.handleExceptionInOurTx(Ejb3TxPolicy.java:63)
at org.jboss.aspects.tx.TxPolicy.invokeInOurTx(TxPolicy.java:83)
at org.jboss.aspects.tx.TxInterceptor$Required.invoke(TxInterceptor.java:191)

This error sounds meaningful but how will i set the security context from the java class. If it can be done then is this the same way that the security principal propogates from web tier to EJB tier. Whether "Realms" anywhere related to this topic or is it altogether a different topic?

Thanks,
Suresh B
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!