openejb-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Romain Manni-Bucau <>
Subject Re: (Security) isUserInRole not working?
Date Sun, 19 Aug 2012 20:49:25 GMT

it typically needs to configure the tomcat realm to be the openejb one
(link between tomcat and openejb)

here a sample:

it uses the properties config but using the sql one should work too.

The point is mainly the request methods use the tomcat realm and i guess
you didn't specify the openejb one.

BTW some enhancements have been done on the snapshot on these subjects, you
can give it a try too.

*Romain Manni-Bucau*
*Twitter: @rmannibucau*

2012/8/19 jszczepankiewicz <>

> Hi,
> Apache tomee 1.0.0 web profile, jdk 7.
> I am facing strange problem:
> Using programmatic login by HttpServletRequest.login method.
> Also using:
> After login I can successfully use methods on (HttpServletRequest and on
> SessionContext)
> req.getUserPrincipal().getName() (from basic servlet)
> context.getCallerPrincipal().getName (from Stateless EJB)
> they return proper name
> But if i use:
> req.isUserInRole(...)
> or
> context.isUserInRole()
> they always return false
> I have tested the groupSelect query in login.conf and see no errors.
> This is very basic functionality and rather not possible that this is a
> tomee bug so what's wrong? Documentation for tomme is so basic. Is some
> container (openejb.conf) specific configuration required to map roles to
> groups? Thanks in advance.
> --
> View this message in context:
> Sent from the OpenEJB User mailing list archive at

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message