I have a SessionBean Method :
public void contextTest() throws RemoteException {
try {
System.out.println("Principal 1: " + ctx.getCallerPrincipal());
Properties h = new Properties();
h.put(Context.INITIAL_CONTEXT_FACTORY,"weblogic.jndi.WLInitialContextFactory");
h.put(Context.PROVIDER_URL, "t3://localhost:7001");
h.put(Context.SECURITY_PRINCIPAL, "toto");
h.put(Context.SECURITY_CREDENTIALS, "test");
Context new_ctx = new InitialContext(h);
System.out.println("Principal 2: " + ctx.getCallerPrincipal());
} catch (Exception e) {e.printStackTrace(); }
}
When principal "titi" invokes this Method it produces the following output:
Principal 1: titi
Principal 2: toto
As You can see the Method just replaced the Caller Context's principal stored in the ctx field without even touching it. Since my Servlets run on the same JVM and use PassByReference calling this Method twice results in :
Principal 1: titi
Principal 2: toto
Principal 1: toto
Principal 2: toto
I think this is a Bug because it makes it quiet difficult to open two Context's at the same time.
I would like to read some opinions.
-
Inital Context Bug in WebLogic5.1 ?? (5 messages)
- Posted by: Marcel Stremming
- Posted on: October 28 2000 17:59 EDT
Threaded Messages (5)
- ejb security by Sandhya Ghanukot on October 29 2000 08:48 EST
- ejb security by Marcel Stremming on October 29 2000 09:23 EST
- Inital Context Bug in WebLogic5.1 ?? by Dimitri Rakitine on October 29 2000 16:37 EST
- Inital Context Bug in WebLogic5.1 ?? by Dave Wolf on October 30 2000 22:39 EST
- Prinicpals and Caching of Home&Remoteinterfaces by Stefan Frank on June 20 2001 11:30 EDT
-
ejb security[ Go to top ]
- Posted by: Sandhya Ghanukot
- Posted on: October 29 2000 08:48 EST
- in response to Marcel Stremming
how and where to set the principal & roles for enterprise beans?
-sandhya -
ejb security[ Go to top ]
- Posted by: Marcel Stremming
- Posted on: October 29 2000 09:23 EST
- in response to Sandhya Ghanukot
This line sets the Security Principal.
h.put(Context.SECURITY_PRINCIPAL, "toto");
Roles can be mapped to certain principals or groups by using the deployment descriptor. -
Inital Context Bug in WebLogic5.1 ??[ Go to top ]
- Posted by: Dimitri Rakitine
- Posted on: October 29 2000 16:37 EST
- in response to Marcel Stremming
This is correct behaviour - security info is associated with the current thread. -
Inital Context Bug in WebLogic5.1 ??[ Go to top ]
- Posted by: Dave Wolf
- Posted on: October 30 2000 22:39 EST
- in response to Dimitri Rakitine
I thought that the callers credentials override whatever you put into the Properties object passed tot he InitialContext. This is how you then define a page which can run as an unauthenticated user or as an authenticated user.
Dave Wolf
Internet Applications Division
Sybase
-
Prinicpals and Caching of Home&Remoteinterfaces[ Go to top ]
- Posted by: Stefan Frank
- Posted on: June 20 2001 11:30 EDT
- in response to Dimitri Rakitine
If I understand this right, the principal is associated with the calling thread: How does this interfere with the Idea of caching Home&Remoteinterfaces?! The Idea of caching a homeinterface is, that you can skip new IniitialContext&the Lookup for the Home - however, when you store the Home, the second call on <Home>.create(...) has lost the principal (if you do ctx.getCallerPrincipal().getName() you see "guest") - which is not the Principal from the InitialContext that was used to lookup the Home. Is this the intended behaviour?!