[jboss-user] [Beginner's Corner] - Problems with isCallerInRole()

Breako Beats do-not-reply at jboss.com
Thu Jul 8 07:59:52 EDT 2010 

Breako Beats [http://community.jboss.org/people/breako] created the discussion

"Problems with isCallerInRole()"

To view the discussion, visit: http://community.jboss.org/message/551667#551667

--------------------------------------------------------------
Hi,
I am trying to use programmatic seurity for a Stateful Session Bean.

Here is my Statefule Session Bean.

@Stateful
@RolesAllowed("AUTHORIZED_TRAVEL_AGENT")
@DeclareRoles("CREATE_CABIN")
public class TravelAgentSecureBean implements TravelAgentRemote {
     public Cabin createCabin(String name, int deckLevel, int bedCount){
             Principal principal = sessionContext.getCallerPrincipal();
             System.out.println("Caller is=" + principal.getName());    
             Cabin cabin = null;
             if (sessionContext.isCallerInRole("CREATE_CABIN")) {
                 cabin = new Cabin(name, deckLevel, bedCount);
                 entityManager.persist(cabin);
             } else {
                 System.out.println("Sorry mate, you can't create a cabin!");
             }
             return cabin;
     }
}

Here is my Login-config.xml

<application-policy name="Titan">
    <authentication>
      <login-module code="org.jboss.security.auth.spi.UserRolesLoginModule"
        flag="required">
         <module-option name="usersProperties">props/user-titan.properties</module-option>
         <module-option name="rolesProperties">props/roles-titan.properties</module-option> 
      </login-module>
    </authentication>
  </application-policy>

Here are the users.properties

admin=admin
breako=password

Here are the roles.properties

admin=AUTHORIZED_MERCHANT
breako=AUTHORIZED_TRAVEL_AGENT,CREATE_CABIN

My client uses the JBoss SecurityClient to logon.

When I run, the stateful session bean correctly identifies the principal so I am happy the SecurityClient is ok.
But it returns false for isUserInRole("CREATE_CABIN")????

Any ideas what I am missing?

Thanks...

--------------------------------------------------------------

Reply to this message by going to Community
[http://community.jboss.org/message/551667#551667]

Start a new discussion in Beginner's Corner at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2075]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-user/attachments/20100708/6cfca58c/attachment.html

More information about the jboss-user mailing list