[jboss-user] [EJB3] - Why IsCallerInRole returns true when no DeclaresRole is defined?

Cristi Cioriia do-not-reply at jboss.com
Thu Feb 24 12:45:39 EST 2011

Cristi Cioriia [http://community.jboss.org/people/cristi_cioriia] created the discussion

"Why IsCallerInRole returns true when no DeclaresRole is defined?"

To view the discussion, visit: http://community.jboss.org/message/589583#589583

Hi guys,

I have the following situation in my code as described above:

I have an interceptor class that intercept a stateless EJB A and contains some code like this:

this.sessionContext.isCallerInRole("CONTRACT_" + getId()); //returns true

A user role looks like "CONTRACT_1" and is assigned to the user by the login module. This interceptor intercepts an EJB that does NOT use @DeclaresRoles to declare any role. I am wandering how does this work since the annotation @DeclaresRoles is used specifically to define the roles that can be used in  a isCallerInRole() call? Why doesn't this call return false?

I am using JBOSS 4.2.3.

I am trying to understand how this works especially because I am trying to test my EJBs with OpenEJB, which fails on the line mentioned above if I do not define the role for the EJB with @DeclaresRoles. If I do(by hardcoding the return value in the getId()  method), then it works in OpenEJB too, so I am trying to see how  JBOSS handled the situation so that I maybe adapt it to my test case.

Thanks for your help.

Reply to this message by going to Community

Start a new discussion in EJB3 at Community

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-user/attachments/20110224/fe8afeed/attachment.html 

More information about the jboss-user mailing list