0 Replies Latest reply on Oct 10, 2013 12:22 AM by Guy Kirschbaum

    JBoss MDB Using priviliged action to access session bean throws exception

    Guy Kirschbaum Newbie

      I am trying to trigger a call to a secured session bean from a Message Driven Bean.

      The session bean is "governed" by JAAS security domain.

      Accessing the session bean from another session bean is running fine including security checks and valid user context.

      The problem starts when I try to use login module and access the session bean in an "async" way.

      No matter what I do, I get an Ejb Access denied exception.

      The weird thing is that introspecting the Subject in the privileged action (see below) returns the right user and roles (which can access the session bean if I am not using the MDB).

      Any hint?

      Here is a code snippet:

      @MessageDriven(
              activationConfig = {
                      @ActivationConfigProperty(
                              propertyName = "destinationType", propertyValue = "javax.jms.Queue"),
                      @ActivationConfigProperty(
                              propertyName = "destination", propertyValue = "queue/myQueue") })
      @SecurityDomain("mySecurityDomain")
      public class myMDB implements MessageListener {
      ....  
      
      @EJB
      private MyEjb myEjb;
      
      ....
      
      @Override
      public void onMessage(final Message message) {     
           try {
                final LoginContext loginContext = new LoginContext("mySecurityDomain", new PassiveCallbackHandler("testUser", "testPassword"));
                loginContext.login();
                Subject.doAs(loginContext.getSubject(), new PrivilegedAction<Boolean>() {
                     @Override
                     public Boolean run() {
                          try {
                               myBean.testAccess();
                               return true;
                          } catch (final Exception e) {
                               e.printStackTrace();
                          }
                          return true;
                     }
                });
           } catch (final JMSException e) {
                e.printStackTrace();
           } catch (final LoginException e) {
                e.printStackTrace();
           }
      }
      
      ....