How do I find out programmatically which other methods can be called on a
session bean by an authenticated user from in a bean method?
>From a client I'm trying to query what methods the user can call on the
>session bean, in order to enable and disable menu items and functionality as
>appropriate on the client.
On the session bean I have created a method which is supposed to return a list
of the methods accessible on the bean (simplified):
@PermitAll
public String[] getAllowedMethods() {
...
}
In this method I'm trying to iterate through the methods on the session bean
checking to see if the caller has permission to access each one. I want to
return a list of the accessible methods to the client. After a week of
exploring, searching on forums and trying out code I cannot find a way to do
this.
I could find no methods which give me access to this metadata from the bean so
I've tried querying the annotations myself from a static class reference to the
actual Session Bean (MySessionBean.class) but the annotations come back as
proxies and code reports there are no @Remote, @RolesAllowed etc. annotations
on the class I have a reference to, so I presume the ClassLoader is returning
me a bean proxy.
I've looked at SessionContext, EJBHome, EJBMetaData seeking this security
information about EJB methods but to no avail. All I have is a suspicion that
the information I am looking for is available to interceptors.
Anyone know how to query bean methods for roles allowed at runtime?
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3962286#3962286
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3962286
_______________________________________________
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user
