Hi,
I have a stateless session bean talking to a CMP Entity Bean.
I have declared a security domain and I am trying to use the
created-by,updated-by etc audit fields of JBoss 4.0.0.
My stateless bean cannot access the entity beans directly and
uses a <run-as> configuration so an internal role is used.
Internal role can access the entity beans only.
Apparently the run-as configuration leads to all the audit entries
(except the time ones) to be populated as anonymous!!
If I remove the <run-as> configuration then the audit fields get
populated correctly with the user that did the update.
Is there a way to keep the <run-as> configuration and make the
audit fields to be populated with the logged user?
Thanks
Petros
Its probably not currently possible. Create a bug report on the jira site and add a testcase if you have one.
http://jira.jboss.com/jira/browse/JBAS