
Security - Principal & run-as-identity

 
Ranch Hand
Posts: 268
Source - One of the choices of a question from Whizlab.


Method getCallerPrincipal returns the principal that represents the caller of the EJB, which is the same as the principal that corresponds to the run-as-security identity of the bean, if it exists.
FALSE

Reason
It is not mandatory that principal that corresponds to run-as-identity for the bean should be same as principal that represents the caller of the bean.

Can someone please add a few more words to the reason? It is a bit hard for me to understand.

Thanks.
 
Ranch Hand
Posts: 342

It is not mandatory that principal that corresponds to run-as-identity for the bean should be same as principal that represents the caller of the bean.


In fact, the only reason for using a run-as-identity is to perform subsequent bean invocations under a new principal / security role.

You may have a look at the code example in the following link: The principal that represents the caller of ABean has role "Guest" (at least if he should be allowed to invoke aMethod) while the run-as-identity corresponds to a principal with role "Admin".
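
The Guest/Admin scenario described in the reply above, as an added example that is not part of the original post or of the example it links to. ABean, aMethod and the role names come from the post; BBean, bMethod and the `javax` (Java EE) namespace are assumptions.

```java
// ABean.java (hypothetical sketch of the bean named in the post)
import java.security.Principal;
import javax.annotation.Resource;
import javax.annotation.security.DeclareRoles;
import javax.annotation.security.RolesAllowed;
import javax.annotation.security.RunAs;
import javax.ejb.EJB;
import javax.ejb.SessionContext;
import javax.ejb.Stateless;

@Stateless
@DeclareRoles({"Guest", "Admin"})
@RunAs("Admin")               // identity used for calls ABean makes to other beans
public class ABean {
    @Resource private SessionContext ctx;
    @EJB private BBean bBean;

    @RolesAllowed("Guest")    // the real caller needs the Guest role
    public String aMethod() {
        // Still the original caller: @RunAs does not change what ABean itself sees.
        Principal caller = ctx.getCallerPrincipal();
        // The outgoing call is made under the run-as identity (role Admin).
        return "ABean sees " + caller.getName() + "; " + bBean.bMethod();
    }
}

// BBean.java (hypothetical second bean, in its own file)
import javax.annotation.Resource;
import javax.annotation.security.RolesAllowed;
import javax.ejb.SessionContext;
import javax.ejb.Stateless;

@Stateless
public class BBean {
    @Resource private SessionContext ctx;

    @RolesAllowed("Admin")    // a Guest-only caller could not invoke this directly
    public String bMethod() {
        // Here the caller is ABean's run-as principal, which the container
        // maps to the Admin role (the principal's name is container-specific).
        return "BBean sees " + ctx.getCallerPrincipal().getName();
    }
}
```

Because aMethod reaches an Admin-only method on behalf of a Guest caller, the `@RolesAllowed` check on aMethod is the only gate in front of bMethod for that caller.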
 
Deepika Joshi
Ranch Hand
Posts: 268
Sorry it's my mistake, I forgot the first rule of cert preparation.
"Read options carefully."

run-as-identity is @RunAs; I did not read and apply my mind carefully.

Thanks a lot for replying.
 