0 Replies Latest reply on Dec 20, 2006 3:34 AM by Mathias Nicolajsen Kjærgaard

    SLSB @RunAs does not affect SessionContext.isCallerInRole

    Mathias Nicolajsen Kjærgaard Newbie

      Hi all,

      I have just upgraded to JBoss AS 4.0.5GA and I am experiencing some unexpected behavior. I have two SLSB converted from EJB 2.1 XDoclet beans to EJB3:

      @Stateless
      @Local(SomeLocal.class)
      @RunAs(SomeBean.SOME_ROLE)
      public class SomeBean implements SomeLocal {
      
       static final String SOME_ROLE = "someRole";
      
       @EJB
       OtherLocal otherLocal;
      
       public boolean test() {
       return otherLocal.test();
       }
      
      }


      and

      @Stateless
      @Local(OtherLocal.class)
      public class OtherBean implements OtherLocal {
      
       @Resource
       SessionContext context;
      
       @RolesAllowed(SomeBean.SOME_ROLE)
       public boolean test() {
       return context.isCallerInRole(SomeBean.SOME_ROLE);
       }
      
      }


      I would expect that SomeLocal.test() would return true, as is the case with EJB 2.1 and JBoss 4.0.2, but instead the method returns false.

      Do anyone know if this a bug in JBoss 4.0.5, or if it is working according to the spec.? As I read the spec. I think that it is a bug, but I would like a second opinion.

      Regards
      Mathias