1

Where do I set the user context Websphere uses when it calls a @Startup EJB?

I have a Java EE application with a startup EJB, and I know that it sets a user when calling the EJB, since the call fails due to missing roles. However, I couldn't find where to set the user.

Arjan Tijms
  • 37,782
  • 12
  • 108
  • 140
Thomas Stets
  • 3,015
  • 4
  • 17
  • 29
  • 1
    Can you show the stack trace of the failure? The invocation of the `@PostConstruct` of a `@Startup` EJB should not require any authorization. However, if the `@PostConstruct` makes another call that does require authorization, that would fail; in that case, you would either need to programmatically set the context (using `WSLogin` or equivalent) or use `@RunAs` for the EJB and configure a run-as user (note: this will affect all calls the EJB makes, not just those from `@PostConstruct`). – Brett Kail Oct 13 '15 at 15:33
  • This question is not about the failure (I know about `@RunAs`, though it doesn't work as I expected, but that is another question). This question is about the user context. I know there is one, since WAS gives the user name in the Exception. I just can't figure out where to set it. I know that I may not need to set it, if `@RunAs` works as advertised, but I still want to know :-) – Thomas Stets Oct 14 '15 at 05:25

1 Answers1

1

The EJB spec states that session bean @PostConstruct methods are called in an unspecified security context, and WebSphere does not document a specific security context or allow it to be configured. In practice, singleton session bean @PostConstruct will typically be called with an unauthorized user as the security context. If setting a specific security context is important, then you could open a WebSphere RFE, but I would recommend finding another solution to avoid a vendor-specific solution.

Brett Kail
  • 33,593
  • 2
  • 85
  • 90
  • Thanks, that helps. I posted a question about my problems to get `@RunAs` to work here: http://stackoverflow.com/questions/33118280/cant-get-runas-to-work-in-an-ejb , – Thomas Stets Oct 14 '15 at 06:41