• Post Reply Bookmark Topic Watch Topic
  • New Topic

What is the purpose to annotation a MDB with @RunAs?  RSS feed

 
Himai Minh
Ranch Hand
Posts: 1573
10
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
As mentioned in Enthuware, an MDB can be annotated with @RunAs and MessageDrivenContext.isCallerPrincipal can be used in onMessage() or timeout method or life cycle callback methods of MDB.
But MDB does not interact with any client.
What is the purpose to authorize a role to access a MDB?
 
Mikalai Zaikin
Ranch Hand
Posts: 3418
16
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Bcause MDB may execute other EJBs and since MDB does not have any security identity, this is mechanism to run other EJBs under specific user identity.

Please, read about security identity propogation
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!