1

I'm running on glassfish v4 and I use a messagedriven bean. Currently I'm defining the principal under which the bean runs in the glassfish-ejb-jar.xml like:

<enterprise-beans>
  <ejb>
    <ejb-name>MessageConsumerBean</ejb-name>
    <principal>
      <name>MDBPrincipal</name>
    </principal>

Is it possible to do the same using just annotations e.g. @MessageDriven?

Roland
  • 7,525
  • 13
  • 61
  • 124
  • Did you tried the @RunAs annotation? It won't set the caller principal but will allow you to run protected methods. – nomoa Oct 21 '14 at 13:12
  • @nomoa yes. But as you said, it won't set the Principal. – Roland Oct 21 '14 at 13:59
  • Well, I have no other clue except digging into GF source code for an obscure @ActivationConfigProperty. It's a known limitation of MDB (see Programming Restrictions Applying to MDBs at http://underpop.online.fr/j/java/expert-one-on-one-j2ee-design-and-development/lib0066.html) – nomoa Oct 21 '14 at 15:32
  • @nomoa So is it that MDBs don't have a Principal by design? If so that would be an answer. – Roland Oct 21 '14 at 15:42
  • Principal is not propagated from client (message sender) to MDB by design. It's why there is no Principal in MDB. If MDB is need to be granted a specific role then RunAs is OK. But if you need Principal for some application logic I'm afraid there's only platform dependent solution like RunAsPrincipal (JBoss) or glassfish-ejb-jar.xml in your case (can't find any glassfish custom annotations). – nomoa Oct 22 '14 at 06:24
  • @nomoa if you can put this as an answer and add some official docu(maybe ejb/mdb spec) the bounty is yours. – Roland Oct 22 '14 at 13:20

1 Answers1

1

According to https://java.net/downloads/ejb-spec/mdb.no-method.interface.pdf section 5.4.14 page 133 a Principal may be propagated in the security context but details are not governed by the EJB spec. In other words it's a platform dependent feature.

One can use @RunAs If MDB need to be granted a specific role to run some protected @RolesAllowed method.

If you need Principal for some application logic I'm afraid there's only platform dependent solution like RunAsPrincipal (JBoss) or glassfish-ejb-jar.xml in your case.

nomoa
  • 1,043
  • 6
  • 18