2 Replies Latest reply on Nov 28, 2003 9:53 AM by Marcelo Klein

    Principals from MessageBean

    Marcelo Klein Newbie

      Hello, I'm using JBoss 3.2.2 over linux.
      I wanted to know if there is any way to authenticate a user on a Message Driven Bean, getting the user's subject, role or anything that might help for calling a secured Session Bean from the MDB.
      Actually, I can login users through the DatabaseServerLoginModule, but they always appear in the "guest" role. Can this be changed to the "real" role?
      Thanks a lot.
      Marcelo

        • 1. Re: Principals from MessageBean
          jamesstrachan Newbie

          Marcelo,

          There is no way of getting at user information because Message Driven Beans are anonymous.

          The EJB Spec. 2.0 says, on Page 320, "Invoking the getCallerPrincipal and isCallerInRole methods is disallowed in the message-driven bean methods because the Container does not have a client security context".

          You could use a "run-as" principal within the Deployment Descriptor to supply a role that is allowed to perform the methods that you wish to access (see Page 447).

          That still doesn't give you access to the real identity of the message sender, but would allow you to call the secured Session Bean.

          James

          • 2. Re: Principals from MessageBean
            Marcelo Klein Newbie

            OK, I understand. That's bad news.
            Can I get a workaroud, sending the username and password in the JMS Message, creating the LoginContext and doing loginCxt.login() ?

            Thanks for your reply.
            Marcelo