NPE in Embedded Jboss when getCallerPrincipal method on SessionContext ---------------------------------------------------------------------- Key: EJBTHREE-615 URL: http://jira.jboss.com/jira/browse/EJBTHREE-615 Project: EJB 3.0 Issue Type: Bug Affects Versions: EJB 3.0 RC8 - FD Reporter: Nicolai ?dum Assigned To: Carlo de Wolf Attachments: BugReportInterceptor.java The bug is pretty easy to create. Modify the CalculaterBean in the security example that is distributed with JBoss embedded like this import javax.annotation.Resource; import java.security.Principal; import javax.ejb.SessionContext; .. public class CalculatorBean implements Calculator { @Resource SessionContext ctx; @RolesAllowed({"student"}) public int subtract(int x, int y) { Principal caller = ctx.getCallerPrincipal(); //Nullpointer return x - y; } The exception full stacktrace: javax.ejb.EJBException: java.lang.NullPointerException at org.jboss.ejb3.tx.Ejb3TxPolicy.handleExceptionInOurTx(Ejb3TxPolicy.java:69) at org.jboss.aspects.tx.TxPolicy.invokeInOurTx(TxPolicy.java:83) at org.jboss.aspects.tx.TxInterceptor$Required.invoke(TxInterceptor.java:197) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) at org.jboss.aspects.tx.TxPropagationInterceptor.invoke(TxPropagationInterceptor.java:76) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) at org.jboss.ejb3.stateless.StatelessInstanceInterceptor.invoke(StatelessInstanceInterceptor.java:62) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) at org.jboss.aspects.security.RoleBasedAuthorizationInterceptor.invoke(RoleBasedAuthorizationInterceptor.java:167) at org.jboss.ejb3.security.RoleBasedAuthorizationInterceptor.invoke(RoleBasedAuthorizationInterceptor.java:100) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) at org.jboss.aspects.security.AuthenticationInterceptor.invoke(AuthenticationInterceptor.java:78) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:47) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) at org.jboss.ejb3.asynchronous.AsynchronousInterceptor.invoke(AsynchronousInterceptor.java:106) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) at org.jboss.ejb3.stateless.StatelessContainer.localInvoke(StatelessContainer.java:181) at org.jboss.ejb3.stateless.StatelessLocalProxy.invoke(StatelessLocalProxy.java:79) at $Proxy15.getSubscriberDetails(Unknown Source) Another user has reported that is is possible to get the principal from org.jboss.security.SecurityAssociation.getPrincipal(), but not from the Session Context.