Uploaded image for project: 'Application Server 7'
  1. Application Server 7
  2. AS7-5075

Local ejb calls are always anonymous

    XMLWordPrintable

Details

    • Bug
    • Resolution: Won't Do
    • Major
    • None
    • 7.1.2.Final (EAP)
    • EJB
    • Hide

      create an mbean service and call a secured ejb. Inside the ejb try to get the caller principal.

      Show
      create an mbean service and call a secured ejb. Inside the ejb try to get the caller principal.

    Description

      Calling an ejb from within a mbean service for example is always running under 'anonymous' user even with a JAAS login before the invocation.
      Debugging has shown that only a correct security context is created by the SimpleSecurityManager when the call comes from a remote client.

      Attachments

        Activity

          People

            jaikiran Jaikiran Pai (Inactive)
            Michael_Gronau Michael Gronau (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: