1 Reply Latest reply on May 2, 2011 9:12 AM by Timo Wiedenmann

    Way to authenticate in Singleton Startup method

    Timo Wiedenmann Newbie

      Hello there,


      i'm looking for the best way to get authenticated in a ejb singleton startup method (JBoss 6.0.0).


      I need this, because i want to initialize some timer ejb's which require authentication (SecurityDomain),

      using a special system principal (where i have the principal name and password).

      Just calling a secured remote interface returns "Invalid user" ...


      So therefore the basic question: Is there a way to get authenticated to the container within a ejb and call another ?


      I already tried the standard login mechanism, which my client uses. There i could login, but security context is gone at the

      call to a secured remote interface to me (returns "user = null", No matching username found in Principals)


      Has anybody a hint for me how to solve this ?

      Should be a common issue ...


      Best regards,


        • 1. Re: Way to authenticate in Singleton Startup method
          Timo Wiedenmann Newbie

          ok, found a way - not sure if it is a consistent solution or dirty code ...


          I create a timer in the startup method which will be invoked few seconds after - need this to have all beans bound.

          Then i use the SecurityAssociation to get authenticated, call the session beans and clear the association.


          Here is the code:




            public void init() {

               // check if timer already present

              final Collection<Timer> timers = ctx.getTimerService().getTimers();

              if (timers.isEmpty() == false) {

                // Cancel timers

                for (Iterator<Timer> ita = timers.iterator(); ita.hasNext();) {

                  final Timer timer = ita.next();

                  LOGGER.debug("Cancelling all timer " + timer);





              // start timer

              try {

                ctx.getTimerService().createTimer(5*1000, "startupTimer);


              catch (Exception e) {

                // dont care, after few seconds the next attemt will be made

                LOGGER.error("Timer not started because exception occured.", e);






            public void executeTimer(Timer timer)


              LOGGER.debug("Timer executed");

              SecurityAssociation.setPrincipal(new SimplePrincipal("SystemUser"));



              // Call session bean







          No side effects found yet :-)

          Best regards,