Client information available to EJB


EJB design: Client information available to EJB

  1. Client information available to EJB (2 messages)

    What type of information about the client calling a method of a session EJB is available to that EJB. For example, suppose a Servlet calls a business method of stateless EJB. From the EJBs point of view, what does it know about the caller? Can it determine:

    1. Some identification information about the caller. I see that I can obtain a Principal object but I haven't experimentd to see how granular this information is.
    2. Information set in an Environmental variable that is not necessarily a method argument?

    What I am looking for ideally is for a stateless EJB to get a request and say "Ahh, this request is from user X with session id Z." Is this even possible?

    An EJB container lookup table would be sweet!
  2. I´m afraid that if in your bussiness model you need the session id, you have missed the points with EJB.
    EJBs should be aware of web layer. If you need to identify user, you could use EJB authentication, but it´s nonsense the session ID of web layer.

    You should try to make both layer independent of the other framework layer.

    Modelos de Negocio basados en Software Libre.
  3. custom Principal[ Go to top ]

    You could plug in to the security providers/login modules of the container and create a custom principal with whatever data you need. THen get that caller's principal and use it. But like how the other person has said - maintaining the session ids etc is bad design.