I've just recently started using Seam's JBoss Rules support for securing entities
and I've run into an issue. When one of my MDBs tries to write to the database, I get
the following exception:
| java.lang.IllegalStateException: No active session context
| at org.jboss.seam.security.Identity.instance(Identity.java:157)
| at
org.jboss.seam.security.EntitySecurityListener.postLoad(EntitySecurityListener.java:26)
| ...
|
This makes complete sense, as there obviously isn't a session context in an MDB.
Anyone have any ideas on how to work around this? Ideally I'd like to be able to turn
off EntitySecurityListener when running in my MDB, but I can't see an easy way to do
this. Each method of EntitySecurityListener checks the static method
Identity.isSecurityEnabled(), but if I was to turn security off it would affect my entire
application, which is not desirable.
I'd also like to be able turn off entity security for the duration of my
authentication method (since I load the User entities to see if the passed-in credentials
are valid, but would like to be able to protect access after logging in).
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4080036#...
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...