我有一个匿名WebService EJB - webservice调用正在正常工作。@RunAs for @WebService EJB
现在我想将WebService作为一个特定的SecurityRole来运行。
在一个Webservice,我有以下注释:
@Stateless
@WebService
@DeclareRoles({ "LoggedUser" })
@SecurityDomain("my-jboss-real")
@RunAs("LoggedUser")
public class MyWebService { ...
现在我想从Webservice的方法有与@RolesAllowed({"LoggedUser"})
访问@EJB
我得到:
ERROR [org.jboss.aspects.tx.TxPolicy] javax.ejb.EJBTransactionRolledbackException: javax.ejb.EJBAccessException.message: 'Caller unauthorized'
WARN [org.jboss.ejb3.stateless.StatelessBeanContext] EJBTHREE-1337: do not get WebServiceContext property from stateless bean context, it should already have been injected
ERROR [org.jboss.ws.core.jaxws.SOAPFaultHelperJAXWS] SOAP request exception
javax.ejb.EJBTransactionRolledbackException: javax.ejb.EJBAccessException.message: 'Caller unauthorized'
at org.jboss.ejb3.tx.Ejb3TxPolicy.handleInCallerTx(Ejb3TxPolicy.java:115)
我在JBoss 5.1上运行GA
这是否正确使用@RunAs
还是有另一种方法来做到这一点。
编辑
补充:
@Resource
private WebServiceContext wsCtx;
@Resource
private EJBContext ejbCtx;
myWebServiceMethod(){
...
System.out.println("EJBCtx: " + ejbCtx.getCallerPrincipal());
System.out.println("EJBCtx: " + ejbCtx.isCallerInRole("LoggedUser"));
System.out.println("WebContext: " + wsCtx.getUserPrincipal());
System.out.println("WebContext: " + wsCtx.isUserInRole("LoggedUser"));
...
此输出:
EJBCtx: anonymous
EJBCtx: false
WebContext: anonymous
WebContext: false