Posted to users@tomee.apache.org by Anthony Fryer <ap...@hotmail.com> on 2012/06/21 00:45:12 UTC
SessionContext isCallerInRole always returns false
I have a Stateless Session EJB with an injected SessionContext. I have a
method where I try to use the isCallerInRole method to determine if a user
is an ADMIN user or not, but this method always returns false, even for users
that are ADMIN users. The code is below...
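import javax.annotation.Resource;
import javax.annotation.security.RolesAllowed;
import javax.ejb.EJBAccessException;
import javax.ejb.SessionContext;
import javax.ejb.Stateless;
import javax.ejb.TransactionAttribute;
import javax.ejb.TransactionAttributeType;
import javax.persistence.EntityManager;
import javax.persistence.PersistenceContext;

@Stateless
public class UserImpl implements UserService {

    @PersistenceContext(unitName="poker-entities")
    private EntityManager em;

    // Injected by the container; source of the caller's security identity
    @Resource
    private SessionContext sctx;

    @Override
    @RolesAllowed({"ADMIN","USER"})
    @TransactionAttribute(TransactionAttributeType.REQUIRED)
    public void userUpdate(User user) {
        User currentUser = this.findCurrentUser();
        // Callers may update only their own record unless they hold the ADMIN role
        if (currentUser == null || (currentUser.getId() != user.getId()
                && !sctx.isCallerInRole("ADMIN"))) {
            throw new EJBAccessException("Principal does not have permission to call this method");
        }
        em.merge(user);
    }
}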
If I change the @RolesAllowed annotation to @RolesAllowed({"ADMIN"}) which
guarantees that only ADMIN users can call the method, the call to
sctx.isCallerInRole("ADMIN") still returns false.
Cheers,
Anthony
--
View this message in context: http://openejb.979440.n4.nabble.com/SessionContext-isCallerInRole-always-returns-false-tp4655705.html
Sent from the OpenEJB User mailing list archive at Nabble.com.
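Added example, not part of the original post and not TomEE code: the owner-or-ADMIN rule from userUpdate() written as a container-free function, so the decision can be exercised without a SessionContext. It assumes ids are boxed Long values (the post does not show the type of getId()) and uses a Predicate in place of sctx.isCallerInRole; the class, enum and method names are hypothetical.

```java
import java.util.Objects;
import java.util.Set;
import java.util.function.Predicate;

// Added example (hypothetical names): the owner-or-ADMIN rule from userUpdate(),
// separated from the container so it can be run with plain Java.
public class UpdateAuthorization {

    enum Decision {
        ALLOW_OWNER(true), ALLOW_ADMIN(true), DENY_NO_CURRENT_USER(false), DENY_NOT_OWNER(false);

        final boolean allowed;
        Decision(boolean allowed) { this.allowed = allowed; }
    }

    // callerId: id of the caller's own record, null if none was found.
    // targetId: id of the record being updated.
    // inRole:   role check; inside the EJB this would be sctx::isCallerInRole.
    static Decision mayUpdate(Long callerId, Long targetId, Predicate<String> inRole) {
        if (callerId == null) {
            return Decision.DENY_NO_CURRENT_USER;
        }
        // Assumption: ids are boxed Long. Objects.equals compares values, whereas
        // != on two Long objects compares references and can differ for equal ids.
        if (Objects.equals(callerId, targetId)) {
            return Decision.ALLOW_OWNER;
        }
        // Fail closed: any role check that returns false ends in a denial.
        return inRole.test("ADMIN") ? Decision.ALLOW_ADMIN : Decision.DENY_NOT_OWNER;
    }

    public static void main(String[] args) {
        // Constructed role checks standing in for the container.
        Predicate<String> admin = Set.of("ADMIN", "USER")::contains;
        Predicate<String> user = Set.of("USER")::contains;
        Predicate<String> alwaysFalse = role -> false; // behaviour reported in the post

        System.out.println(mayUpdate(1000L, 1000L, user));        // owner edits own record
        System.out.println(mayUpdate(1000L, 2000L, user));        // non-admin edits another record
        System.out.println(mayUpdate(1000L, 2000L, admin));       // admin edits another record
        System.out.println(mayUpdate(1000L, 2000L, alwaysFalse)); // admin, but role check is broken
        System.out.println(mayUpdate(null, 2000L, admin));        // no current user resolved
    }
}
```

With the role check stuck at false the rule still ends in a denial, so the symptom described in the post is administrators losing access to other users' records rather than anyone gaining it.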
RE: SessionContext isCallerInRole always returns false
Posted by Robin <ro...@gmail.com>.
Please remove me from this list
-----Original Message-----
From: Romain Manni-Bucau [mailto:rmannibucau@gmail.com]
Sent: Wednesday, June 20, 2012 9:15 PM
To: users@openejb.apache.org
Subject: Re: SessionContext isCallerInRole always returns false
Did you try to put it in server.xml?
Re: SessionContext isCallerInRole always returns false
Posted by Romain Manni-Bucau <rm...@gmail.com>.
Did you try to put it in server.xml?
On 21 June 2012 02:42, "Anthony Fryer" <ap...@hotmail.com> wrote:
> I include a META-INF/context.xml file in my war file, the contents are
> below...
>
> <?xml version="1.0" encoding="UTF-8"?>
> <Context>
>     <Realm className="org.apache.catalina.realm.DataSourceRealm"
>            dataSourceName="pokerDatabase"
>            localDataSource="true"
>            digest="MD5"
>            debug="99"
>            userTable="USER"
>            userNameCol="USER_NAME"
>            userCredCol="PASSWORD"
>            userRoleTable="USER_ROLES"
>            roleNameCol="ROLE"
>     />
> </Context>
>
> My datasource is configured in tomee.xml but made available in the
> java:comp/env namespace by the following in my web.xml...
>
> <web-app>
>     ...
>     <resource-ref>
>         <res-ref-name>pokerDatabase</res-ref-name>
>         <res-type>javax.sql.DataSource</res-type>
>         <res-auth>Container</res-auth>
>     </resource-ref>
> </web-app>
Re: SessionContext isCallerInRole always returns false
Posted by Anthony Fryer <ap...@hotmail.com>.
I include a META-INF/context.xml file in my war file, the contents are
below...

<?xml version="1.0" encoding="UTF-8"?>
<Context>
    <Realm className="org.apache.catalina.realm.DataSourceRealm"
           dataSourceName="pokerDatabase"
           localDataSource="true"
           digest="MD5"
           debug="99"
           userTable="USER"
           userNameCol="USER_NAME"
           userCredCol="PASSWORD"
           userRoleTable="USER_ROLES"
           roleNameCol="ROLE"
    />
</Context>
My datasource is configured in tomee.xml but made available in the
java:comp/env namespace by the following in my web.xml...

<web-app>
    ...
    <resource-ref>
        <res-ref-name>pokerDatabase</res-ref-name>
        <res-type>javax.sql.DataSource</res-type>
        <res-auth>Container</res-auth>
    </resource-ref>
</web-app>
--
View this message in context: http://openejb.979440.n4.nabble.com/SessionContext-isCallerInRole-always-returns-false-tp4655705p4655711.html
Sent from the OpenEJB User mailing list archive at Nabble.com.
Re: SessionContext isCallerInRole always returns false
Posted by Romain Manni-Bucau <rm...@gmail.com>.
Hi
give your conf please
- Romain