run-as role in ejbCreate
edstorm Mar 21, 2004 2:43 PMHi,
I originally posted this question in another forum, but thought it might do a bit better here. I have two session beans, TestSession and InternalSession. TestSession is stateful, InternalSession is stateless. TestSession has the run-as role set to "internal", and all of the methods for InternalSession require the "internal" role. Everthing runs fine, until ejbActivate is invoked on TestSession. I get the following exception:
12:08:13,801 ERROR [SecurityInterceptor] Insufficient method permissions, principal=null, method=create, interface=LOCALHOME, requiredRoles=[internal], principalRoles=[]
12:08:13,804 ERROR [LogInterceptor] EJBException, causedBy:
java.lang.SecurityException: Insufficient method permissions, principal=null, method=create, interface=LOCALHOME, requiredRoles=[internal], principalRoles=[]
at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:229)
at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:81)
at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:120)
at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invokeHome(ProxyFactoryFinderInterceptor.java:93)
at org.jboss.ejb.SessionContainer.internalInvokeHome(SessionContainer.java:562)
at org.jboss.ejb.Container.invoke(Container.java:909)
at org.jboss.ejb.plugins.local.BaseLocalProxyFactory.invokeHome(BaseLocalProxyFactory.java:293)
at org.jboss.ejb.plugins.local.LocalHomeProxy.invoke(LocalHomeProxy.java:110)
at $Proxy51.create(Unknown Source)
at test.TestSessionBean.getInternalSessionLocal(TestSessionBean.java:73)
at test.TestSessionBean.checkRoles(TestSessionBean.java:210)
at test.TestSessionBean.checkLocal(TestSessionBean.java:187)
at test.TestSessionBean.ejbActivate(TestSessionBean.java:127)
at org.jboss.ejb.plugins.StatefulSessionFilePersistenceManager.activateSession(StatefulSessionFilePersistenceManager.java:331)
at org.jboss.ejb.plugins.StatefulSessionInstanceCache.activate(StatefulSessionInstanceCache.java:90)
at org.jboss.ejb.plugins.AbstractInstanceCache.get(AbstractInstanceCache.java:107)
at org.jboss.ejb.plugins.StatefulSessionInstanceInterceptor.invoke(StatefulSessionInstanceInterceptor.java:211)
at org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:84)
at org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxInterceptorCMT.java:314)
at org.jboss.ejb.plugins.TxInterceptorCMT.invoke(TxInterceptorCMT.java:148)
The bit of code where the exception occurs is where create() is called on the InternalSession ( which requires "internal" role ) below:
private InternalSessionLocal getInternalSessionLocal() throws EJBException { try { InitialContext initCtx = new InitialContext(); InternalSessionLocalHome ilocalhome = (InternalSessionLocalHome)initCtx.lookup( "java:comp/env/ejb/test/InternalSession" ); return ilocalhome.create(); } catch (Exception e ) { log.error( "Exception getting internal session.",e); throw new EJBException( "exception getting internal session",e); } }
I have tested this on jboss-3.2.3 and jboss-4.0.0DR3, and the results are the same. So the question is: Should jboss be applying the run-as role when ejbActivate is invoked? My reading of the 2.0 spec suggests that is should, but I am not by any means an expert.
Thanks,
Ed