[jboss-jira] [JBoss JIRA] Commented: (EJBTHREE-1945) RunAsIdentity is not propagated correctly

Anton Kolmakov (JIRA) jira-events at lists.jboss.org
Tue Feb 8 08:41:46 EST 2011 

    [ https://issues.jboss.org/browse/EJBTHREE-1945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12580749#comment-12580749 ] 

Anton Kolmakov commented on EJBTHREE-1945:
------------------------------------------

> Is there any workaround to get authenticated from a MDB onMessage method to a access controlled SLSB?

Workaround:

public class JBossRunAsController
{
	private static <T> T doAs(RunAsAction<T> action, String username, String password)
	{
		SecurityClient securityClient = getExceptionSafeSecurityClient();

		securityClient.setSimple(username, password);

		try
		{
			securityClient.login();
		}
		catch (LoginException ex)
		{
			throw new RuntimeException(ex);
		}

		try
		{
			return action.run();
		}
		finally
		{
			securityClient.logout();
		}
	}

	private static SecurityClient getExceptionSafeSecurityClient()
	{
		try
		{
			return SecurityClientFactory.getSecurityClient();
		}
		catch (Exception ex)
		{
			throw new RuntimeException("Failed to get jboss security client: " + ex.getMessage(), ex);
		}
	}
}

MDB {

onMessage {
	JBossRunAsController.doAs(new RunAsAction<Object>()
	{
		public Object run()
		{
			code executed under "username"
		}
	}, "username", "password");

}

}

> RunAsIdentity is not propagated correctly
> -----------------------------------------
>
>                 Key: EJBTHREE-1945
>                 URL: https://issues.jboss.org/browse/EJBTHREE-1945
>             Project: EJB 3.0
>          Issue Type: Bug
>          Components: core
>    Affects Versions: Plugin 1.0.17
>            Reporter: Anton Kolmakov
>            Assignee: Carlo de Wolf
>             Fix For: depchain-1.0.0-alpha-2
>
>         Attachments: EJBTHREE-1945.zip
>
>
> I have one message driven bean  A and two stateless beans B and C.
> A annotated with @RunAs, @RunAsPrincipal and @SecurityDomain.
> B and C annotated with @SecurityDomain.
> A receives message and calls B which calls C.
> RunAsIdentity is propagated to B only but not to C. 
> Why? Is it expected behavior? 
> I expect propagation of RunAsIdentity to all beans in execution chain after bean with @RunAs* annotations.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list