You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomee.apache.org by BenD <be...@baesystems.com> on 2011/08/02 03:41:23 UTC
isCallerInRole without using annotations (@DeclareRoles,
@RolesAllowed)
I have a problem that seems to be related to the following post, however the
temporary work around isn't useful for our solution:
http://openejb.979440.n4.nabble.com/JUnit-Sessioncontext-isCallerInRole-allways-returns-false-td3257408.html
My problem occurs is that at configuration time we want to be able to add
"groups" without having them defined in the @DeclareRoles (or any of the
other annotations e.g: @RolesAllowed), as this would require recompiling
code each time new groups are added.
I am using OpenEJB 3.1.4.
See below for the code showing what I am attempting to achieve:
*MyTestBeanLocal.java: *
@Local
public interface MyTestBeanLocal {
boolean hasRole(String role);
}
*MyTestBean.java: *
@Stateless
@DeclareRoles({users})
public class MyTestBean implements MyTestBeanLocal {
@Resource
private SessionContext sessionContext;
public boolean hasRole(final String role) {
return this.sessionContext.isCallerInRole(role);
}
}
*MyTestCase.java: *
public class MyTestCase {
@Test
public void test1() throws Exception {
Properties p = new Properties();
p.put( Context.INITIAL_CONTEXT_FACTORY,
"org.apache.openejb.client.LocalInitialContextFactory" );
p.put( "java.naming.security.principal", "User1" );
p.put( "java.naming.security.credentials", "password1" );
p.put( "openejb.authentication.realmName", "PropertiesLogin" ); //
optional
final InitialContext ctx = new InitialContext( p );
final MyTest myTest = (MyTest) ctx.lookup("MyTestBeanLocal");
System.out.println("Is in 'users'? " + myTest.hasRole("users"));
System.out.println("Is in 'GroupOne'? " + myTest.hasRole("GroupOne"));
}
}
*users.properties:*
User1=password1
User2=password2
*groups.properties:*
users=User1,User2
GroupOne=User1
*Output:*
Is in 'users'? true
Is in 'GroupOne'? false
I have attempted to modify my META-INF/ejb-jar.xml but this has no affect on
the output:
*Original:*
<ejb-jar/>
*Modified:*
<ejb-jar xmlns="http://java.sun.com/xml/ns/javaee" version="3.0"
metadata-complete="false">
<assembly-descriptor>
<security-role>
<description>The Group 1 Role</description>
<role-name>GroupOne</role-name>
</security-role>
</assembly-descriptor>
</ejb-jar>
--
View this message in context: http://openejb.979440.n4.nabble.com/isCallerInRole-without-using-annotations-DeclareRoles-RolesAllowed-tp3711169p3711169.html
Sent from the OpenEJB Dev mailing list archive at Nabble.com.