0 Replies Latest reply on Aug 25, 2003 6:05 PM by kondjboss

    isCallerInRole returns false, even when user has the role

    kondjboss
    kondjboss Aug 25, 2003 6:05 PM

      I have a following method, inside a SessionBean, which has access for role "testrole". I have checked it and the method is executed only when I login as a user who has the role testrole. But isCallerInRole("testRole") returns false.

      public void testUserRole() {
      logger.info("PRINCIPALNAME=" + sessionContext.getCallerPrincipal().getName());
      String role = "testrole";
      if(sessionContext.isCallerInRole(role))
      System.out.println("IS IN ROLE: " + role);
      else
      System.out.println("NOT IN ROLE: "+ role);
      }

      ----------------------

      ejb-jar.xml is as follows...........
      <ejb-jar >

      <![CDATA[No Description.]]>
      <display-name>Generated by XDoclet</display-name>

      <enterprise-beans>

      <!-- Session Beans -->

      <![CDATA[Converts AutoSys data in to TAOS format.]]>

      <ejb-name>MyTest</ejb-name>

      com.test.server.ejb.interfaces.MyTestHome
      com.test.server.ejb.interfaces.MyTest
      <local-home>com.test.server.ejb.interfaces.MyTestLocalHome</local-home>
      com.test.server.ejb.interfaces.MyTestLocal
      <ejb-class>com.test.server.ejb.MyTestEJB</ejb-class>
      <session-type>Stateless</session-type>
      <transaction-type>Container</transaction-type>


      .....

      <security-role-ref>
      <role-name>testrole</role-name>
      <role-link>testrolelink</role-link>
      </security-role-ref>



      <assembly-descriptor >
      <!--
      To add additional assembly descriptor info here, add a file to your
      XDoclet merge directory called assembly-descriptor.xml that contains
      the <assembly-descriptor></assembly-descriptor> markup.
      -->
      <security-role>
      <![CDATA[description not supported yet by ejbdoclet]]>
      <role-name>testrole</role-name>
      </security-role>

      <method-permission >
      <![CDATA[description not supported yet by ejbdoclet]]>
      <role-name>testrole</role-name>

      <![CDATA[]]>
      <ejb-name>MyTest</ejb-name>
      <method-intf>Local</method-intf>
      <method-name>testUserRole</method-name>
      <method-params>
      </method-params>

      </method-permission>
      -----------

      JBoss server log is as follows..

      sessionContext:org.jboss.ejb.StatelessSessionEnterpriseContext$SessionContextImpl@1b45ddc
      2003-08-25 17:10:16,656 INFO [STDOUT] Creating com.test.server.ejb.MyTestEJB Bean
      2003-08-25 17:10:16,656 INFO [com.test.server.ejb.MyTestEJB] PRINCIPALNAME=testuser
      2003-08-25 17:10:16,676 INFO [STDOUT] NOT IN ROLE: testrole


      So it is executing it with the role testrole, but isCallerInRole returns false.

      Thanks,
      -AJ

      • 3723 Views
      • Tags: