[jboss-jira] [JBoss JIRA] (EJBTHREE-2274) GetCallerPrincipal in timeout callback doesn't behave correctly
SBS JIRA Integration (Updated) (JIRA)
jira-events at lists.jboss.org
Mon Nov 28 17:45:40 EST 2011
[ https://issues.jboss.org/browse/EJBTHREE-2274?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
SBS JIRA Integration updated EJBTHREE-2274:
-------------------------------------------
Forum Reference: http://community.jboss.org/message/638535#638535, http://community.jboss.org/thread/175405 (was: http://community.jboss.org/thread/175405)
> GetCallerPrincipal in timeout callback doesn't behave correctly
> ----------------------------------------------------------------
>
> Key: EJBTHREE-2274
> URL: https://issues.jboss.org/browse/EJBTHREE-2274
> Project: EJB 3.0
> Issue Type: Bug
> Reporter: arjan tijms
> Labels: exception, security, timer
>
> When {{getCallerPrincipal}} is called from within a timeout callback method, JBoss AS either throws an exception or returns the unauthenticated identity, but with the roles of the principal that scheduled the timer (if any).
> Per section 18.2.5.3 of the EJB 3.1 specification this is not correct:
> {quote}
> Since a timeout callback method is an internal method of the bean class, it has no client security context. When getCallerPrincipal is called from within a timeout callback method, it returns the container's representation of the unauthenticated identity.
> {quote}
> EJBTHREE-1036 seems related.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list