4 Replies Latest reply on Sep 16, 2009 7:48 AM by Lars Vonk

    jboss5: credentials get lost when creating jms connection

    Lars Vonk Newbie

      Hi,

      We are migrating to jboss 5.1.x jdk6 and are experiencing the following problem.

      From an EJB we want to put a message on a JMS Queue. When opening a connection via the connectionfactory the current credentials get lost. So in code:

      @Stateless
      @RolesAllowed({"admin", "user", "MY_SYSTEM"})
      @RunAs("MY_SYSTEM")
      public class MyBean implements BeanService {
      
       @Resource(mappedName = "/XAConnectionFactory")
       private ConnectionFactory connectionFactory;
      
       @Resource(mappedName = "/queue/EmailSenderQueue")
       private Queue emailSenderQueue;
      
       @Resource
       private SessionContext context;
      
       @EJB
       private Repository repo;
      
       public void serviceMethod() {
       repo.doSomething();
       mail();
       // credentials are needed here, but they are lost.
       repo.doSomethingElse();
       }
      
       void mail() {
       log.info("Principal: " + context.getCallerPrincipal().getName());
       log.info("role admin " + context.isCallerInRole("admin"));
       log.info("role MY_SYSTEM " + context.isCallerInRole("MY_SYSTEM"));
      
       connection = connectionFactory.createConnection();
      
       log.info("Principal: " + context.getCallerPrincipal().getName());
       log.info("role admin " + context.isCallerInRole("admin"));
       log.info("role MY_SYSTEM " + context.isCallerInRole("MY_SYSTEM"));
      
       Session session = connection.createSession(false, Session.AUTO_ACKNOWLEDGE);
       // REST OMITTED
       }
      
      
      }
      
      


      I added the log statements and from that I can see that the credentials are lost after the statement connection = connectionFactory.createConnection();

      The following is logged:

      Principal: test
      role admin true
      role MY_SYSTEM true
      

      connection = connectionFactory.createConnection(); executes then:

      Principal: anonymous
      role admin false
      role MY_SYSTEM false
      


      What happens is that when the method serviceMethod() is called then the call to the repo.doSomething(); succeeds but the call to repo.doSomethingElse(); does not, saying it is unauthorized.

      My question is basically, how do I keep the credentials when after a JMS connection?