![]() ![]() ![]() but as far as I can see, there's no way of passing in the original principal Surely there's a hole in the spec if this anyone using a Service-DAO ejb pattern can't use caller principle in the DAO? I can't be the first to of hit this type of problem, whereby I need to use 'run as' to change the ROLE in the service so the DAO can't be called directly(by using RolesAllowed). Now you can use to manually set the principal when the dao EJB is delared. Though when I call getUserPrinciple within daoEJB gets a caller principle on ‘anonymous’ instead of the correct principle set by JAAS. serviceEJB then calls methodA of daoEJB with a set to “SERVICE� (to stop the JSF web client being able to call daoEJB directly - with RolesAllowed set on the DAO). Now when serviceEJB calls getUserPrinciple it returns the principle correctly. I have a JSF which calls a serviceEJB which in turn calls a daoEJB. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |