0 Replies Latest reply on Mar 11, 2014 11:02 AM by Christophe Fillot

    @RunAs and DatabaseRolesMappingProvider

    Christophe Fillot Newbie

      Hi all,

       

      I spent some time on this, so if this can help other people...

       

      Here is the context:

      • An EJB "A" with @RunAs annotation calling another EJB "B"
      • A security domain with role mapping, using DatabaseRolesMappingProvider

       

      I migrated the application from JBoss AS 7.1.1 to EAP 6.2 and I began to get exceptions like

      "org.postgresql.util.PSQLException: ResultSet not positioned properly, perhaps you need to call next"

      when EJB "A" called methods from EJB "B".

       

      This happens because EJB "B" runs with principal "anonymous", and the SQL request specified for

      DatabaseRoles mapping returns no record in this case: https://issues.jboss.org/browse/SECURITY-639

      (I don't have any user called "anonymous" in the database).

       

      It seems that EAP 6.2 (and 6.1 too) now applies the role mapping configuration in this kind of

      situation whereas it was not the case before. As a workaround, I created a fake "anonymous" user

      with a fake role in the database, but this is a bit ugly. If someone has a better way to handle this...

       

      Christophe