4 Replies Latest reply on Jul 12, 2005 7:30 AM by Peter Doornbosch

    getCallerPrincipal() throws IllegalStateException: No securi

    bug-c Newbie

      Hello,

      I have a problem with the getCallerPrincipal method with Jboss 3.2.6. When I try to call this method the container throws an IllegalStateException saying that no security context was set. I already searched the internet and saw that other people also have the same problem. Is this a bug with Jboss 3.2.6?

      My code looks like that:
      public void ejbCreate() {
      String principalName = context.getCallerPrincipal().getName();
      [... do some additional stuff with the user ...]
      }

      the setSessionContext method is implemented and sets the context variable.

      Thanks for your time,
      Regards, Stefan

        • 1. Re: getCallerPrincipal() throws IllegalStateException: No se
          Alexander Newbie

          From my point of view:

          1) getCallerPrincipal will throw an exception in case you deploy your bean outside of a security domain;

          2) in case your bean is stateless session bean, the EntityContext method getCallerPrincipal is prohibited to call inside ejbCreate or ejbRemove methods (see specification)

          again - it is only my personal opinion, and may be it is wrong.

          Alexander

          • 2. Re: getCallerPrincipal() throws IllegalStateException: No se
            bug-c Newbie

            Thanks a lot for this fast reply :) and even better you are correct and fixed my error :)

            The problem is that I use AndroMDA (MDA generator) to create my beans and this tool creates a stateful session bean if attributes are given to the class. Unfortunately I removed all attributes (because I did not need them) and therefore a stateless session bean was created. I was not aware of the fact that I am not allowed to call the getCallerPrincipal() inside the ejbCreate() method in case of a stateless session bean.

            Thanks again,
            Stefan

            • 3. Re: getCallerPrincipal() throws IllegalStateException: No se
              Ajay Newbie

              Hello,

              I am also facing same problem with the getCallerPrincipal() method with Jboss 3.2.3. When I try to call this method the container throws an IllegalStateException saying that no security context was set.

              My code looks like:
              =====================================
              public void myCustomMethod() throws RemoteException {
              String loggedUser = ctx.getCallerPrincipal().getName();
              ........
              }
              =====================================

              The setSessionContext method is implemented and sets the context variable.

              Also, as you said, I have not configured any "Security Domain", I am directly using my own Java API to authenticate the user against LDAP Server.

              In this case, how to get the Principal information in EJB?

              Regards,
              Ajay

              • 4. Re: getCallerPrincipal() throws IllegalStateException: No se
                Peter Doornbosch Apprentice

                 

                Also, as you said, I have not configured any "Security Domain", I am directly using my own Java API to authenticate the user against LDAP Server.


                If you do not use JBoss' security system, how do you expect JBoss to know wich Principal is calling the EJB??? If you need to write your own authentication module, put it in a (JAAS) LoginModule, and configure that module for your security domain, so that JBoss can initiate the authentication (by calling your module) and has a means to determine "who is calling".