2 Replies Latest reply on Aug 28, 2004 4:41 PM by maiden

    isCallerInRole problem



      I have a problem with security configureation of my EJB. I call my EJB methods from the servlet. EJB is secured and method permissions is set only for the "Guests" role.




      It works fine. If I remove the code above from the deployment descriptor it comes out with an exception:

      [org.jboss.ejb.plugins.SecurityInterceptor] Insufficient method permissions, principal=null, method=myMethod, interface=LOCALHOME, requiredRoles=[Users], principalRoles=[Guests]

      But is I call isCallerInRole("Guests") inside myMethod it always return false. Why?

      If the principal was allowed to execute this method it MUST be in Guests role.

      Please, tell me what is wrong?