Hi,
I originally posted this question in another forum, but thought it might do a bit
better here. I have two session beans, TestSession and InternalSession. TestSession
is stateful, InternalSession is stateless. TestSession has the run-as role set to
"internal", and all of the methods for InternalSession require the "internal" role.
Everthing runs fine, until ejbActivate is invoked on TestSession. I get the following
exception:
| 12:08:13,801 ERROR [SecurityInterceptor] Insufficient method permissions,
principal=null, method=create, interface=LOCALHOME, requiredRoles=[internal],
principalRoles=[]
| 12:08:13,804 ERROR [LogInterceptor] EJBException, causedBy:
| java.lang.SecurityException: Insufficient method permissions, principal=null,
method=create, interface=LOCALHOME, requiredRoles=[internal], principalRoles=[]
| at
org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:229)
| at
org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:81)
| at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:120)
| at
org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invokeHome(ProxyFactoryFinderInterceptor.java:93)
| at
org.jboss.ejb.SessionContainer.internalInvokeHome(SessionContainer.java:562)
| at org.jboss.ejb.Container.invoke(Container.java:909)
| at
org.jboss.ejb.plugins.local.BaseLocalProxyFactory.invokeHome(BaseLocalProxyFactory.java:293)
| at
org.jboss.ejb.plugins.local.LocalHomeProxy.invoke(LocalHomeProxy.java:110)
| at $Proxy51.create(Unknown Source)
| at test.TestSessionBean.getInternalSessionLocal(TestSessionBean.java:73)
| at test.TestSessionBean.checkRoles(TestSessionBean.java:210)
| at test.TestSessionBean.checkLocal(TestSessionBean.java:187)
| at test.TestSessionBean.ejbActivate(TestSessionBean.java:127)
| at
org.jboss.ejb.plugins.StatefulSessionFilePersistenceManager.activateSession(StatefulSessionFilePersistenceManager.java:331)
| at
org.jboss.ejb.plugins.StatefulSessionInstanceCache.activate(StatefulSessionInstanceCache.java:90)
| at
org.jboss.ejb.plugins.AbstractInstanceCache.get(AbstractInstanceCache.java:107)
| at
org.jboss.ejb.plugins.StatefulSessionInstanceInterceptor.invoke(StatefulSessionInstanceInterceptor.java:211)
| at
org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:84)
| at
org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxInterceptorCMT.java:314)
| at org.jboss.ejb.plugins.TxInterceptorCMT.invoke(TxInterceptorCMT.java:148)
|
|
|
|
| The bit of code where the exception occurs is where create() is called on the
InternalSession ( which requires "internal" role ) below:
|
|
| | private InternalSessionLocal getInternalSessionLocal()
| | throws EJBException {
| |
| | try {
| |
| | InitialContext initCtx = new InitialContext();
| | InternalSessionLocalHome ilocalhome =
(InternalSessionLocalHome)initCtx.lookup(
| | "java:comp/env/ejb/test/InternalSession"
| | );
| | return ilocalhome.create();
| |
| | } catch (Exception e ) {
| | log.error( "Exception getting internal session.",e);
| | throw new EJBException( "exception getting internal session",e);
| | }
| |
| | }
| |
| |
|
| I have tested this on jboss-3.2.3 and jboss-4.0.0DR3, and the results are the
same. So the question is: Should jboss be applying the run-as role when ejbActivate
is invoked? My reading of the 2.0 spec suggests that is should, but I am not by any
means an expert.
|
| Thanks,
| Ed
<a
href="http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3826767#3826767";>View
the original post</a>
<a
href="http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3826767>Reply
to the post</a>
-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
