Denis,
You have used two differtent names for the role. What happens if you call:
getSessionContext().isCallerInRole("administrator") ?
> -----Original Message-----
> From: A mailing list for Enterprise JavaBeans development
> [mailto:[EMAIL PROTECTED] Behalf Of Denis Wang
> Sent: Tuesday, 24 June 2003 7:42 a.m.
> To: [EMAIL PROTECTED]
> Subject: ejbSessionContext.isCallerInRoll()
>
>
> Hi, all,
>
> I encounter the following problem when I debug a session facade:
> getSessionContext().getCallerPrincipal().getName()
> (debug value: "administratorUser" )
> getSessionContext().isCallerInRole("administratorRole")
> (debug value: false, which is not what I expected)
>
> The logged in user 'administratorUser' is believed to be in the role of
> 'administratorRole'.
> For example,
> <method-permission>
> <role-name>administrator</role-name>
> <method>
> <ejb-name>ScheduleSessionFacadeEJB</ejb-name>
> <method-intf>Remote</method-intf>
> <method-name>deleteSchedule</method-name>
> </method>
> </method-permission>
>
> If I comment out the line
> <role-name>administrator</role-name>
> the administratorUser will trigger an exception when trying to
> "deleteSchedule".
>
> It seems to me, the declarative Container Manager Security works, but my
> programmatic security check fails. It is weird.
>
> Could anyone shed some lights please?
> Thanks.
> Denis
>
> ==================================================================
> =========
> To unsubscribe, send email to [EMAIL PROTECTED] and include
> in the body
> of the message "signoff EJB-INTEREST". For general help, send email to
> [EMAIL PROTECTED] and include in the body of the message "help".
>
>
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
