JBoss Community

Re: Can't get SessionContext.isCallerInRole(...) to work from remote call.

created by Krister Wicksell in EJB3 - View the full discussion

Hi,

 

I have added the following to login-config.xml:

 

...
<policy 
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
  xsi:schemaLocation="urn:jboss:user-roles:1.0 resource:user-roles_1_0.xsd"
  xmlns:ur="urn:jboss:user-roles:1.0">

  <application-policy name="zert">
    <authentication>
      <login-module code="org.jboss.security.auth.spi.XMLLoginModule" flag="required">
        <module-option name="userInfo">
          <ur:users>
            <ur:user name="admin" password="test">
              <ur:role name="administrator"></ur:role>
              <ur:role name="producer"></ur:role>
              <ur:role name="consumer"></ur:role>
            </ur:user>
          </ur:users>
        </module-option>
        <module-option name="unauthenticatedIdentity">guest</module-option>
      </login-module>
    </authentication>
  </application-policy> 
...

 

And my bean look like this:

 

 

@Stateless
@Remote({Test.class})
@SecurityDomain("zert")
@DeclareRoles({"administrator", "producer", "consumer"})
public class TestBean implements Test {
  @Resource 
  private SessionContext context;
 
  @Override
  @RolesAllowed(value={"administrator"})  
  public boolean checkRole() {
    System.out.println("In checkRole()");
    return context.isCallerInRole("administrator");    
  }
}

 

/Krister

Reply to this message by going to Community

Start a new discussion in EJB3 at Community