Uploaded image for project: 'Application Server 7'
  1. Application Server 7
  2. AS7-5075

Local ejb calls are always anonymous

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Won't Do
    • Icon: Major Major
    • None
    • 7.1.2.Final (EAP)
    • EJB
    • Hide

      create an mbean service and call a secured ejb. Inside the ejb try to get the caller principal.

      Show
      create an mbean service and call a secured ejb. Inside the ejb try to get the caller principal.

      Calling an ejb from within a mbean service for example is always running under 'anonymous' user even with a JAAS login before the invocation.
      Debugging has shown that only a correct security context is created by the SimpleSecurityManager when the call comes from a remote client.

              jaikiran Jaikiran Pai (Inactive)
              Michael_Gronau Michael Gronau (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: