-
1. Re: SecurityIncerceptor, EJB 3.0 RC5
I created a TracingInterceptor with the code below:
public class TracingInterceptor { @Resource SessionContext sessionCtx; @AroundInvoke public Object log(InvocationContext invocationCtx) throws Exception { Logger log = Logger.getLogger(invocationCtx.getBean().getClass()); long start = System.currentTimeMillis(); try { return invocationCtx.proceed(); } catch(Exception e) { log.error("Intercepted Exception",e); throw e; } finally { Principal callerPrincipal = sessionCtx.getCallerPrincipal(); long time = System.currentTimeMillis() - start; log.info(callerPrincipal.getName()+": "+invocationCtx.getMethod().getName() + "() " + time + "ms"); } } }
And in my EJB I have:@Stateless @Interceptors({TracingInterceptor.class}) @Local(ContaMgt.class) public class ContaMgrBean implements ContaMgt { @PersistenceContext() EntityManager manager; @RolesAllowed({"administrator","user"}) public ContaDTO buscaConta(Long exercicioId, String contaCodigo) { ContaAbstract conta = (ContaAbstract)manager .createNamedQuery("ContaAbstract.buscaPorExercicioIdContaCodigo") .setParameter("exercicioId",exercicioId) .setParameter("codigo",contaCodigo) .getSingleResult(); return DTOHelper.makeContaDTO(conta); }
I don't know if this is the best solution, but it worked for me.
good luck,
Alessandro Oliveira
Brazil -
2. Re: SecurityIncerceptor, EJB 3.0 RC5
Thanks for your response Alessandro, but it's not quite what I'm looking for. I've already successfully created an EJB Interceptor (I get who is actually calling that bean). What I'm trying to do is find out who is TRYING to call into that bean, ie/ I need to get the failed attempts too -- the ones that are not authorized (and therefore don't get to the point where they're invoking the bean).
So I'm still searching for an answer, if anybody's got ideas. -
