3 Replies Latest reply on Apr 19, 2006 8:35 PM by William DeCoste

    Using @RunAs

    Jeff Schnitzer Newbie

      I would like to have an unsecured SLSB EJB call a secured SLSB EJB using the @RunAs tag. ie:

      Client -> UnsecuredBean -> SecuredBean

      I expect this to be possible because I have my own login config and the "unauthenticatedIdentity" set to a real value. However, I'm getting a NPE from the RunAsSecurityInterceptor.

      My beans:

      @Stateless
      @SecurityDomain("myDomain")
      @RunAs("god")
      public class UnsecuredEJB ...

      and:

      @Stateless
      @SecurityDomain("myDomain")
      @RolesAllowed({"god"})
      public class SecuredEJB ...

      The resulting stack trace:

      java.lang.NullPointerException
       org.jboss.ejb3.security.RunAsSecurityInterceptor.getRunAsIdentity(RunAsSecurityInterceptor.java:54)
       org.jboss.aspects.security.RunAsSecurityInterceptor.invoke(RunAsSecurityInterceptor.java:53)
       org.jboss.ejb3.security.RunAsSecurityInterceptor.invoke(RunAsSecurityInterceptor.java:67)
       org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:98)
       org.jboss.aspects.security.RoleBasedAuthorizationInterceptor.invoke(RoleBasedAuthorizationInterceptor.java:151)
       org.jboss.ejb3.security.RoleBasedAuthorizationInterceptor.invoke(RoleBasedAuthorizationInterceptor.java:85)
       org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:98)
       org.jboss.aspects.security.AuthenticationInterceptor.invoke(AuthenticationInterceptor.java:63)
       org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:98)
       org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:32)
       org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:98)
       org.jboss.ejb3.asynchronous.AsynchronousInterceptor.invoke(AsynchronousInterceptor.java:91)
       org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:98)
       org.jboss.ejb3.stateless.StatelessContainer.localInvoke(StatelessContainer.java:148)
       org.jboss.ejb3.stateless.StatelessLocalProxy.invoke(StatelessLocalProxy.java:60)
       $Proxy388.createPerson(Unknown Source) [my UnsecuredEJB]
       com.mydomain.web.action.ConfirmSignup.execute(ConfirmSignup.java:47) [the client]
      


      Shouldn't this work? @RunAs seems to work fine when calling from an authenticated bean.

      Thanks,
      Jeff Schnitzer