WebLogic: Unable to get user roles in EJB3

Question

WebLogic: Unable to get user roles in EJB3

In my EJB 3, I am trying to test the roles of a principal, but it always returns false.

In my WebLogic 11g console, I defined in the section "MyDomain" → "Security Realms" → "myrealm" → "Users and groups" 3 users (user1, user2 and user3) and 2 groups (role1 and role2); role1 has user1 and user3, role2 has user2 and user3.
My EJB has no additional security (no @RolesAllowed, etc. Or records in DD).

When I test my EJB for roles with sessionContext.isCallerInRole(role);, it always returns false. If I call sessionContext.getCallerPrincipal().getName();, I get the correct user ID.

What am I doing wrong?

+3

java security ejb-3.0 weblogic weblogic11g

Koohoolinn Mar 11 '11 at 15:16

source share

2 answers

Petri pellinen · Answer 1 · 2011-03-14T20:49:39+0000

Did you declare your role using @DeclareRoles or? If I read section 17.2.5.3 correctly, you need to declare the role names that you use when calling isCallerInRole () through one or the other mechanism.

Bluegeminis · Answer 2 · 2014-11-07T21:00:30+0000

If yours is entered sessionContext, the specification of type Type as Container in the annotation works for me @Resource. For instance:.

@Resource(authenticationType=AuthenticationType.CONTAINER)
private SessionContext sessionCtx;

WebLogic: Unable to get user roles in EJB3

More articles: