[jboss-jira] [JBoss JIRA] (AS7-3154) GetCallerPrincipal in timeout callback doesn't behave correctly

[Stuart Douglas (JIRA)]

     [ https://issues.jboss.org/browse/AS7-3154?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Stuart Douglas resolved AS7-3154.
---------------------------------

      Assignee: Stuart Douglas
    Resolution: Done


This is now working as expected
                
> GetCallerPrincipal in timeout callback doesn't behave correctly 
> ----------------------------------------------------------------
>
>                 Key: AS7-3154
>                 URL: https://issues.jboss.org/browse/AS7-3154
>             Project: Application Server 7
>          Issue Type: Bug
>          Components: EJB
>    Affects Versions: 7.1.0.CR1b
>            Reporter: arjan tijms
>            Assignee: Stuart Douglas
>              Labels: exception, security, timer
>             Fix For: 7.1.0.Final
>
>         Attachments: EJBTHREE-2274.zip
>
>
> When {{getCallerPrincipal}} is called from within a timeout callback method, JBoss AS either throws an exception or returns the unauthenticated identity, but with the roles of the principal that scheduled the timer (if any).
> Per section 18.2.5.3 of the EJB 3.1 specification this is not correct:
> {quote}
> Since a timeout callback method is an internal method of the bean class, it has no client security context. When getCallerPrincipal is called from within a timeout callback method, it returns the container's representation of the unauthenticated identity.
> {quote}
> EJBTHREE-1036 seems related.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira