This content has been marked as final.
Show 3 replies
-
1. Re: SecurityContext after JMS call
jaikiran Oct 24, 2006 12:05 PM (in response to porocnik)Specify a <run-as> in the ejb-jar.xml for the Message Driven Bean. Check the ejb-jar.xml's dtd, for more details:
http://java.sun.com/dtd/ejb-jar_2_0.dtd<!-- The run-as element specifies the run-as identity to be used for the execution of the enterprise bean. It contains an optional description, and the name of a security role. Used in: security-identity --> <!ELEMENT run-as (description?, role-name)>
-
2. Re: SecurityContext after JMS call
porocnik Oct 25, 2006 1:29 AM (in response to porocnik)"jaikiran" wrote:
Specify a <run-as> in the ejb-jar.xml for the Message Driven Bean.
Thanks for your reply.
Sure I could do it this way, but this would execute the beans method always with the same fixed identity.
What I want to do is to keep track of the user originally called the first bean and execute it with his identity.
Maybe I'm wrong and this is the wrong approach.
I'm open for every hint ;-)
Regards -
3. Re: SecurityContext after JMS call
jaikiran Oct 25, 2006 10:38 PM (in response to porocnik)What I want to do is to keep track of the user originally called the first bean and execute it with his identity.
AFAIK, that's not possible(someone can correct me if i am wrong). The reason behind this being the MDB is invoked by the server and not by the user who puts in the message in the queue. The job the user who has logged in has ended the moment he has successfully put in the message into the queue. When the MDB gets invoked *asynchronously* its a totally new flow and hence you wont be able to get the security info of the user who had put in the message to the queue.