geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From John Field <>
Subject JACC PolicyContextHandlers
Date Fri, 14 Jun 2013 16:13:11 GMT
Hi all,

I have a question about using the PolicyContextHandler for EJB policy

I am using Geronimo 3 and I have an application with a requirement to make
an access control decision on an EJB method invocation, based upon the
values of the EJB method arguments.

I have attempted to access the EJB method arguments from within the
implies() method of the GeronimoPolicy class,

Inside the implies() method of this class (after the declarative-based
principal permission checks) I am doing:

                        ThreadData threadData =
                        EnterpriseBean aBean = threadData.getBean();

...however the result is that the value of aBean is null.

I also tried:

           PolicyContextHandler aPCH = (PolicyContextHandler)

But this also returned null.

Curious as to why this was not populated, so I searched the code base and
this failed to identify any caller invoking the corresponding push, i.e.  a
call to PolicyContextHandlerEnterpriseBean.pushContextData()

Note that I am able to successfully access the servlet context using

                        ThreadData threadData =
                        HttpServletRequest aRequest =

 And in a search of the code I do see that both Jetty and Tomcat containers
are indeed making use of the pushContextData() method.

So, I am wondering whether this EJB context is available.  Am I doing
something incorrectly here?, Or, perhaps this is just not yet implemented
on the OpenEJB container?

Any help appreciated.



John P. Field | Security Architect | Pivotal

*[image: cid:332B1A9B-BFB1-42CC-8C13-5949BB4B8266]*
* <>*

View raw message