10 Replies Latest reply on Mar 25, 2014 5:45 AM by sergiu_pienar

    Login-Principal is not propagated to Ejb's SessionContext

    didier2011

      Deployment as ear with war and jar (containing the ejb service) on the nightly build of 2010-10-08

      I'm using the DatabaseServerLoginModule, see this excerpt of my standalone.xml

       

                      <security-domain name="mysecurity">

                          <authentication>

                              <login-module code="org.jboss.security.auth.spiDatabaseServerLoginModule" flag="required">

                                  <module-option name="debug" value="true" />

                                  <module-option name="dsJndiName" value="java:/mydb" />

                                  <module-option name="principalsQuery" value="SELECT passwd etc" />

                                  <module-option name="rolesQuery" value="SELECT role etc." />

                                  <module-option name="unauthenticatedIdentity" value="nobody" />                       

                              </login-module>

                          </authentication>

                      </security-domain>

       

      My EJB is defined like this, the SessionContext is injected

       

      @Stateless(name="MyService")

      @TransactionManagement(TransactionManagementType.CONTAINER)

      @SecurityDomain(value = "mysecurity")

      public class MyServiceBean {

       

      @Resource SessionContext ctx;

       

      The principal created during the login is correct, but it is not propagated to the ejb serviceContext:

      ctx.getCallerPrincipal() delivers "anonymous"

       

      Is this a bug, or is there another way to retrieve the caller principal in ejb?