[jboss-dev-forums] [Design of Security on JBoss] - Re: EJB getCallerPrincipal inconsistencies
wonnekeysers
do-not-reply at jboss.com
Fri Jul 28 09:26:33 EDT 2006
Scott,
Looking at http://fisheye.labs.jboss.com/viewrep/JBoss/jboss-ejb3/src/main/org/jboss/ejb3/BaseSessionContext.java?r=1.24&%40annotateMode=age the method getCallerPrincipal() throws an IllegalStateException when the principal is null.
Is this the desired functionality, because the EJB3 spec mentions the following:
anonymous wrote : If the anonymous principal type was propagated or the identity token was absent, then EJBContext.getCallerPrincipal().getName() returns a product-specific unauthenticated principal name.
I ran into this problem in a unit test running inside embeddable ejb3 where the ejb did not have security configured at all...
Thanks
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3961551#3961551
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3961551
More information about the jboss-dev-forums
mailing list