Is it possible to configure an MDB so that when it calls a session bean, there are two (or more) roles associated with the session context.
The reason for this is that I have a bunch of session beans that are called directly or indirectly from a message driven bean's onMessage() function. These session beans have methods that are annotated with one of three roles, @RolesAllowed("readonly"), @RolesAllowed("readwrite") or @RolesAllowed("admin").
These annotations work fine for user interactions as the users (when they login) have a set of roles that is either ["readonly"], ["readonly","readwrite"] or ["readonly","readwrite","admin"].
What I need with my MDB is to have two roles in the session context when the session bean is called, ["readonly","readwrite"].
Yes, I could go and change all of the @RolesAllowed() annotations so that
- @RolesAllowed("readonly") becomes @RolesAllowed({"readonly","readwrite","admin"})
- @RolesAllowed("readwrite") becomes @RolesAllowed({"readwrite","admin"})
- @RolesAllowed("admin") stays as it is.
but this doesn't help where I have calls to isCallerInRole(). Where I use something like
if(ctx.isCallerInRole("readonly"))
I would need instead
if(ctx.isCallerInRole("readonly) || ctx.isCallerInRole("readwrite") || ctx.isCallerInRole("admin"))
to get the required behaviour.
but that seems a bit clumsy to me. So, is there a way to assert more than one role for the outgoing bean calls from the MDB?
thanks,
