geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Blevins <david.blev...@visi.com>
Subject Re: isCallerInRole(...) always return false
Date Tue, 18 Dec 2007 21:54:14 GMT

On Dec 18, 2007, at 12:54 PM, cvx22 wrote:

>
> Hi gurus,
>
> I'm just starting my experience with javaee and apache Geronimo. The  
> first
> is EJB. I created simple session bean based on MyPhonebookBean from
> Geronimo's pages. I spen't much time on login configuration and it  
> works.
> now i have a problem with <context>.isCallerInRole().
> Each time I invoke this method on SessionContext, it return false.
> getCallerPrincipal method works correctly.
>
> @RolesAllowed("Reader") works correctly. without client  
> authorizations I
> can't invoke this method.
> The strange thing is, ctx.isCallerInRole("Reader") returns false. I  
> really
> don't now why.
> Why @RolesAllowed is ok, but isCallerInRole not.
> I think this may be some configuration error or bug.
> I have no idea where is problem. Last thing I wish to do, is source  
> code
> debugging, started it, but it is hard work and until now didn't  
> found any
> hint.
> I need this method working correctly for beans, which I plan to write.

Add @DeclareRoles({"Reader"}) to the class and it should work fine.

-David


> thanks for help.
> Artur,
>
> Geronimo is 2.0.2.
> more about code:
> I use standalone ejb client. there is most important part of code:
> =====================
> 	Properties env = new Properties();
> 	
> 	String jndiProvider =
> "org.apache.openejb.client.RemoteInitialContextFactory";
> 	env.put( Context.INITIAL_CONTEXT_FACTORY , jndiProvider);
> 	env.put( Context.PROVIDER_URL, "tcp://127.0.0.1:4201");
> 	env.put( Context.SECURITY_PRINCIPAL, "user");
> 	env.put( Context.SECURITY_CREDENTIALS, "password");
> 	env.put( "openejb.authentication.realmName", "test-realm");
> 	
> 	try {
> 		Context ctx = new InitialContext(env);
> 	
> 	    Object obj = ctx.lookup( "MyPhonebookBeanRemote");
> 	    System.out.println("Accessing: "+obj.getClass());
> 	
> 	    MyPhonebookRemote pbr = (MyPhonebookRemote) obj;
> 	    PhoneBook b = pbr.findByPrimaryKey("Joe");
> 	
> =====================
> in MyPhonebookBean class i have method:
> where SessionContext ctx;
> =====================
>        @RolesAllowed("Reader")
>        public PhoneBook findByPrimaryKey(String name) {
>                EntityManager em = emf.createEntityManager();
>                System.out.println("Caller.role:
> "+ctx.isCallerInRole("Reader"));
>    [...]
> =====================
> in openejb-jar.xml there is just:
> threre is also security realm description "test-ream" cooperating with
> MySQL. it works correctly (i.e. if i chage password in DB, user  
> can't login)
> =====================
>        <security xmlns="http://geronimo.apache.org/xml/ns/ 
> security-2.0">
>                <role-mappings>
>                        <role role-name="Reader">
>                                <principal
> class 
> ="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"
> name="Reader"/>
>                        </role>
>        [...]
> =====================
>
> -- 
> View this message in context: http://www.nabble.com/isCallerInRole%28...%29-always-return-false-tp14405574s134p14405574.html
> Sent from the Apache Geronimo - Users mailing list archive at  
> Nabble.com.
>
>


Mime
View raw message