2 Replies Latest reply on Nov 5, 2010 10:48 AM by jaikiran pai

    Ejb 3.1 & JBoss AS 6 M5 User Authentifiaction and Autorisation

    Sueleyman Vurucu Expert

      Hi @ all,

       

      My Environment:

       

      Aplication Sevrer :      jboss-6.0.0.20100911-M5 (default configuration without any changes)

      IDE:                          Eclipse 3.6

      Jboss Tools               V 3.2

      Java Version:             JDK 1.6 U 20

      OS:                          Windows Vista 32 Bit

       

      My Problem:

       

      I Create a test Application. It Contains only one Stateless Bean with local an remote interfaces:

       

      package beans.stateless;
      
      import interfaces.stateless.FirstStatelessBeanLocal;
      import interfaces.stateless.FirstStatelessBeanRemote;
      
      import javax.annotation.*;
      import javax.annotation.security.*;
      import javax.ejb.*;
      
      import org.apache.commons.logging.*;
      import org.jboss.aop.*;
      import org.jboss.beans.metadata.api.annotations.*;
      import org.jboss.security.annotation.*;
      
      /**
       * Session Bean implementation class FirstStatelessBean
       */
      @Stateless
      @SecurityDomain("JBossWS")
      @RolesAllowed("{friend}")
      public class FirstStatelessBean implements FirstStatelessBeanRemote, FirstStatelessBeanLocal {
      
          /**
           * Default constructor.
           */
          private int    pCounterLocal    = 0;
          private int    pCounterRemote    = 0;
      
          @Resource
          private SessionContext myCtx ; 
          
          public FirstStatelessBean() {
          }
      
          @PreDestroy
          public void destroy() {
              LogFactory.getLog( getClass() ).warn( "Destroy" );
              pCounterLocal=0;
              pCounterRemote=0;
          }
          
          @PostConstruct
          public void create(){
              LogFactory.getLog( getClass() ).warn( "Create" );
          }
      
          
          @Override
          public String sayHelloLocal( String pMesssage ) {
              String lMessage = "Hello Local to " + pMesssage + " " + ( ++pCounterLocal ) + " Times";
              LogFactory.getLog( getClass() ).info( lMessage );
              return lMessage;
          }
      
          @Override
          public String sayHelloRemote( String pMesssage ) {
              String lMessage = "Hello Remote to " + pMesssage + " " + ( ++pCounterRemote ) + " Times";
              LogFactory.getLog( getClass() ).info( lMessage );
      //      LogFactory.getLog( getClass() ).info( myCtx.getCallerPrincipal() );
              return lMessage;
          }
      
          @Override
          @PrePassivate
          public void passviate() {
              LogFactory.getLog( getClass() ).warn( "Passivate" );        
          }
      
      
      }
      

       

      On The Client side I get the JNDI Refrence on the following way:

       

      Properties p = new Properties();
                      p.put( Context.INITIAL_CONTEXT_FACTORY, "org.jnp.interfaces.NamingContextFactory" );
                      p.put( Context.PROVIDER_URL, "jnp://" + pServerAddr + ":" + pServerPort );
      InitialContext jndiContext = new InitialContext( p );
      

       

      So my excpected behavior (when I call sayHelloRemote) is an Exception. But this request still works with worong user information.

       

      So what I'm doing wrong ?