[jboss-user] [JBoss Seam] - EntitySecurityListener and MDBs
mtpettyp
do-not-reply at jboss.com
Fri Aug 31 10:58:45 EDT 2007
I've just recently started using Seam's JBoss Rules support for securing entities and I've run into an issue. When one of my MDBs tries to write to the database, I get the following exception:
| java.lang.IllegalStateException: No active session context
| at org.jboss.seam.security.Identity.instance(Identity.java:157)
| at org.jboss.seam.security.EntitySecurityListener.postLoad(EntitySecurityListener.java:26)
| ...
|
This makes complete sense, as there obviously isn't a session context in an MDB.
Anyone have any ideas on how to work around this? Ideally I'd like to be able to turn off EntitySecurityListener when running in my MDB, but I can't see an easy way to do this. Each method of EntitySecurityListener checks the static method Identity.isSecurityEnabled(), but if I was to turn security off it would affect my entire application, which is not desirable.
I'd also like to be able turn off entity security for the duration of my authentication method (since I load the User entities to see if the passed-in credentials are valid, but would like to be able to protect access after logging in).
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4080036#4080036
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4080036
More information about the jboss-user
mailing list