0 Replies Latest reply on Apr 23, 2002 4:30 PM by Erik Konijnenburg

    calling secured EJB does not set sessioncontext

    Erik Konijnenburg Newbie


      I have written a simple session bean which echoes a
      string. I access this bean via the web (jsp).
      I can secure this bean using when i access it from a
      servlet.
      When I access it from a JSP the session context is not
      set. I tried this with the JBOSS catalina bundle:
      JBoss-2.4.4_Tomcat-4.0.1

      Am I doing something wrong or is this a bug?

      Regards,

      Erik

      JSP file
      --------



      echo


      <jsp:useBean id="bean1" scope="session"
      class="echo.EchoBean" />
      <jsp:setProperty name="bean1" property="echo" value
      = "Hello Erik" />

      <h1>
      JBuilder Generated JSP
      </h1>

      <%= bean1.getEcho() %>


      Bean
      ----
      package echo;

      import java.rmi.*;
      import javax.ejb.*;

      /**
      * Title:
      * Description:
      * Copyright: Copyright (c) 2002
      * Company:
      * @author unascribed
      * @version 1.0
      */

      public class EchoBean implements SessionBean {
      private SessionContext sessionContext;
      String echo;

      public void ejbCreate() {
      }
      public void ejbRemove() {
      }
      public void ejbActivate() {
      }
      public void ejbPassivate() {
      }
      public void setSessionContext(SessionContext
      sessionContext) {
      System.out.println("Setting Session context");
      this.sessionContext = sessionContext;
      }
      public void setEcho(String echo) {
      this.echo = echo;

      System.out.println("setEcho(String echo);");
      }

      public String getEcho() {
      System.out.println("getEcho();");
      return echo + " " +
      sessionContext.getCallerPrincipal().getName();
      }

      }

      web.xml
      -------
      <?xml version="1.0" encoding="UTF-8"?>
      <!DOCTYPE web-app PUBLIC "-//Sun Microsystems,
      Inc.//DTD Web Application
      2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">
      <web-app>

      <servlet-name>echoit</servlet-name>
      <jsp-file>/echo.jsp</jsp-file>

      <servlet-mapping>
      <servlet-name>echoit</servlet-name>
      <url-pattern>/restricted/echoit</url-pattern>
      </servlet-mapping>
      <security-constraint>
      <display-name>Customer</display-name>
      <web-resource-collection>
      <web-resource-name>Collection1</web-resource-
      name>
      <url-pattern>/restricted/*</url-pattern>
      <url-pattern>/echo.jsp</url-pattern>
      <http-method>GET</http-method>
      <http-method>POST</http-method>
      <http-method>PUT</http-method>
      </web-resource-collection>
      <auth-constraint>
      <role-name>Customer</role-name>
      </auth-constraint>
      <user-data-constraint>
      <transport-guarantee>NONE</transport-guarantee>
      </user-data-constraint>
      </security-constraint>
      <login-config>
      <auth-method>FORM</auth-method>
      <form-login-config>
      <form-login-page>/logon.jsp</form-login-page>
      <form-error-page>/logon_failed.jsp</form-error-
      page>
      </form-login-config>
      </login-config>
      <security-role>
      <role-name>Customer</role-name>
      </security-role>
      <ejb-ref>
      <ejb-ref-name>EJB/Echo</ejb-ref-name>
      <ejb-ref-type>Session</ejb-ref-type>
      echo.EchoHome
      echo.Echo
      </ejb-ref>
      </web-app>

      ejb-jar.xml
      -----------
      <?xml version="1.0" encoding="UTF-8"?>
      <!DOCTYPE ejb-jar PUBLIC "-//Sun Microsystems,
      Inc.//DTD Enterprise JavaBeans
      1.1//EN" "http://java.sun.com/j2ee/dtds/ejb-
      jar_1_1.dtd">
      <ejb-jar>
      <enterprise-beans>

      <ejb-name>Echo</ejb-name>
      echo.EchoHome
      echo.Echo
      <ejb-class>echo.EchoBean</ejb-class>
      <session-type>Stateful</session-type>
      <transaction-type>Container</transaction-
      type>

      </enterprise-beans>
      <assembly-descriptor>
      <security-role>
      <role-name>Customer</role-name>
      </security-role>
      <method-permission>
      <role-name>Customer</role-name>


      <ejb-name>Echo</ejb-name>
      <method-name>*</method-name>

      </method-permission>
      </assembly-descriptor>
      </ejb-jar>

      jboss.xml
      ---------
      <?xml version="1.0" encoding="UTF-8"?>
      <!DOCTYPE jboss PUBLIC '-//JBoss//DTD JBOSS
      2.4//EN' 'http://www.jboss.org/j2ee/dtd/jboss_2_4.dtd'>

      <security-domain>java:/jaas/default</security-
      domain>

      <enterprise-beans>

      <ejb-name>Echo</ejb-name>
      <jndi-name>Echo</jndi-name>

      </enterprise-beans>


      jboss-web.xml
      -------------
      <?xml version="1.0" encoding="UTF-8"?>

      <jboss-web>
      <security-domain>java:/jaas/default</security-
      domain>

      <ejb-ref>
      <ejb-ref-name>EJB/Echo</ejb-ref-name>
      <jndi-name>Echo</jndi-name>
      </ejb-ref>
      </jboss-web>