• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Jeanne Boyarsky
  • Junilu Lacar
  • Henry Wong
Sheriffs:
  • Ron McLeod
  • Devaka Cooray
  • Tim Cooke
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Frits Walraven
  • Tim Holloway
  • Carey Brown
Bartenders:
  • Piet Souris
  • salvin francis
  • fred rosenberger

query about RunAs annotation ?

 
Ranch Hand
Posts: 924
1
Netbeans IDE Fedora Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Lets have 2 stateless session beans A and B. also there is servlet which invokes method on Bean A which further invokes method on Bean B. consider following snippets of code and DD.

SessionBean A :



Session Bean B :





sun-web.xml DD




Servlet :



this is my web.xml





in the glassfish security realm/domain i have created a group named test with 2 users namely ammu and anuj. in the dd above i have mapped role guest to this group name test. also i have a role admin mapped to principal guru. now when i invoke my servlet i get the following exception :


|#]


however if i dont use <group-name> tag in <security-role-mapping> and instead use <principal-name> then it works fine .

what i was testing is how does RunAs works ? specifically, say i specify @RunAs("guest") on session bean A. now lets say there are more than one principal/user with role as guest(for that i created a group). now when we invoke method of SessionBean A it will run as identity guest(no matter what was the role of original caller when we invoked servlet). and the same identity will be passed on to SessionBean B. now i wanted to check in session bean B what does SessionContext.getCallerPrincipal().getName() returned, since there are 2 prinicipals with role guest. ?
 
Creator of Enthuware JWS+ V6
Posts: 3341
303
Android Eclipse IDE Chrome
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi!

Maybe I am missing something but how do you authenticate to the web application? (I don't see a <auth-constraint> and also no <login-config> element)

now i wanted to check in session bean B what does SessionContext.getCallerPrincipal().getName() returned, since there are 2 prinicipals with role guest. ?


The Principal's name is not changed, it will be the name that was given when authentication took place. The role name however will be different (you can verify this with boolean isCallerInRole(java.lang.String roleName)

Regards,
Frits
 
I didn't do it. You can't prove it. Nobody saw me. The sheep are lying! This tiny ad is my witness!
Devious Experiments for a Truly Passive Greenhouse!
https://www.kickstarter.com/projects/paulwheaton/greenhouse-1
    Bookmark Topic Watch Topic
  • New Topic