Posted to users@tomee.apache.org by Anthony Fryer <ap...@hotmail.com> on 2012/06/21 00:45:12 UTC

SessionContext isCallerInRole always returns false

I have a Stateless Session EJB with an injected SessionContext.  I have a
method where I try to use the isCallerInRole method to determine if a user
is an ADMIN user or not, but this method always returns false, even for users
that are ADMIN users.  The code is below...

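import javax.annotation.Resource;
import javax.annotation.security.RolesAllowed;
import javax.ejb.EJBAccessException;
import javax.ejb.SessionContext;
import javax.ejb.Stateless;
import javax.ejb.TransactionAttribute;
import javax.ejb.TransactionAttributeType;
import javax.persistence.EntityManager;
import javax.persistence.PersistenceContext;

@Stateless
public class UserImpl implements UserService {

        @PersistenceContext(unitName="poker-entities") private EntityManager em;

        @Resource private SessionContext sctx;

        @Override
        @RolesAllowed({"ADMIN","USER"})
        @TransactionAttribute(TransactionAttributeType.REQUIRED)
        public void userUpdate(User user) {

                // Only the user themselves or an ADMIN may update the record.
                // findCurrentUser() is not shown in the original post.
                User currentUser = this.findCurrentUser();
                if (currentUser == null || (currentUser.getId() != user.getId() && !sctx.isCallerInRole("ADMIN"))) {
                        throw new EJBAccessException("Principal does not have permission to call this method");
                }

                em.merge(user);
        }
}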

If I change the @RolesAllowed annotation to @RolesAllowed({"ADMIN"}), which
guarantees that only ADMIN users can call the method, the call to
sctx.isCallerInRole("ADMIN") still returns false.

Cheers,

Anthony 

--
View this message in context: http://openejb.979440.n4.nabble.com/SessionContext-isCallerInRole-always-returns-false-tp4655705.html
Sent from the OpenEJB User mailing list archive at Nabble.com.

RE: SessionContext isCallerInRole always returns false

Posted by Robin <ro...@gmail.com>.
Please remove me from this list


Re: SessionContext isCallerInRole always returns false

Posted by Romain Manni-Bucau <rm...@gmail.com>.
Did you try to put it in server.xml?
On 21 June 2012 02:42, "Anthony Fryer" <ap...@hotmail.com> wrote:

> I include a META-INF/context.xml file in my war file, the contents are
> below...
>
> <?xml version="1.0" encoding="UTF-8"?>
> <Context>
>        <Realm className="org.apache.catalina.realm.DataSourceRealm"
>                dataSourceName="pokerDatabase"
>                localDataSource="true"
>                digest="MD5"
>                debug="99"
>        userTable="USER"
>        userNameCol="USER_NAME"
>        userCredCol="PASSWORD"
>        userRoleTable="USER_ROLES"
>        roleNameCol="ROLE"
>        />
> </Context>
>
> My datasource is configured in tomee.xml but made available in the
> java:comp/env namespace by the following in my web.xml...
>
> <web-app>
> ...
> <resource-ref>
>  <res-ref-name>pokerDatabase</res-ref-name>
>  <res-type>javax.sql.DataSource</res-type>
>  <res-auth>Container</res-auth>
>  </resource-ref>
> </web-app>

Re: SessionContext isCallerInRole always returns false

Posted by Anthony Fryer <ap...@hotmail.com>.
I include a META-INF/context.xml file in my war file, the contents are
below...

<?xml version="1.0" encoding="UTF-8"?>
<Context>
        <Realm className="org.apache.catalina.realm.DataSourceRealm"
                dataSourceName="pokerDatabase"
                localDataSource="true"
                digest="MD5"
                debug="99"
                userTable="USER"
                userNameCol="USER_NAME"
                userCredCol="PASSWORD"
                userRoleTable="USER_ROLES"
                roleNameCol="ROLE"
        />
</Context>

My datasource is configured in tomee.xml but made available in the
java:comp/env namespace by the following in my web.xml...

<web-app>
...
<resource-ref>
  <res-ref-name>pokerDatabase</res-ref-name>
  <res-type>javax.sql.DataSource</res-type>
  <res-auth>Container</res-auth>
 </resource-ref>
</web-app>

--
View this message in context: http://openejb.979440.n4.nabble.com/SessionContext-isCallerInRole-always-returns-false-tp4655705p4655711.html
Sent from the OpenEJB User mailing list archive at Nabble.com.

Re: SessionContext isCallerInRole always returns false

Posted by Romain Manni-Bucau <rm...@gmail.com>.
Hi

give your conf please

- Romain


2012/6/21 Anthony Fryer <ap...@hotmail.com>

> I have a Stateless Session EJB with an injected SessionContext.  I have a
> method where I try to use the isCallerInRole method to determine if a user
> is an ADMIN user or not, but this method always returns false, even for
> users that are ADMIN users.  The code is below...
>
> @Stateless
> public class UserImpl implements UserService {
>
>        @PersistenceContext(unitName="poker-entities") private EntityManager em;
>
>        @Resource private SessionContext sctx;
>
>        @Override
>        @RolesAllowed({"ADMIN","USER"})
>        @TransactionAttribute(TransactionAttributeType.REQUIRED)
>        public void userUpdate(User user) {
>
>                User currentUser = this.findCurrentUser();
>                if (currentUser == null || (currentUser.getId() != user.getId() && !sctx.isCallerInRole("ADMIN"))) {
>                        throw new EJBAccessException("Principal does not have permission to call this method");
>                }
>
>                em.merge(user);
>        }
> }
>
> If I change the @RolesAllowed annotation to @RolesAllowed({"ADMIN"}), which
> guarantees that only ADMIN users can call the method, the call to
> sctx.isCallerInRole("ADMIN") still returns false.
>
> Cheers,
>
> Anthony