2 Replies Latest reply on Jun 5, 2003 10:09 AM by gridplan

No security context set?

gridplan May 31, 2003 12:40 PM

Hi,
I'm getting a

java.lang.IllegalStateException: No security context set

exception in my SLSB's ejbCreate() method when I call getCallerPrincipal() on the SessionContext. What's odd (at least to me) is that if I make the bean stateful in the deployment descriptor, no exception is thrown and the EJB correctly prints the caller's identity.

I know SLSBs don't have any client-specific state. But I thought (perhaps wrongly) that an SLSB could determine the caller's identity. Is the exception I'm seeing correct?

TIA,
-kevin

P.S. I'm using JBoss 3.0.7 with ClientLoginModule on the client side and UsersRolesLoginModule on the server.

1. Re: No security context set?

haraldgliebe Jun 2, 2003 3:07 AM (in response to gridplan)

The exception is correct. According to the EJB Spec you're not allowed to call getCallerPrincipal from within the ejbCreate method of stateless SB.
Since a SLSB instance can be used by multiple clients and the creation (ejbCreate) of an instance doesn't need to correspond to a create call from the client, the caller identity wouldn't be very useful anyway.

Regards,
Harald
Actions
2. Re: No security context set?

gridplan Jun 5, 2003 10:09 AM (in response to gridplan)

That makes perfect sense, Harald. Thank you very much!
Actions

Go to original post