@Context injection in Stateless EJB used by JAX-RS

Question

I have something like this setup below. This is a simplified version but I think it gets the basic idea across. I am using Jersey 2.16, Java 1.8, and Glassfish Open Source 4

Answer 1

Thank you, I have solved using the EJBContext inside the EJBs, as pointed by unwichtich.

In conclusion, SecurityContext is only for the JAX-RS bean, I have used the EJBContext object inplace of SecurityContext into the other java beans. You can also use the SessionContext object but EJBContext interface resembles the SecurityContext one. Here is an usage example:

@DeclareRoles({"administrator","operator","user"})
@PermitAll
@Stateless
public class myFacade {

    @PersistenceContext(unitName = "myPersistencePU")
    private EntityManager em;

    @Resource EJBContext securityContext;

    public DataStuff find(Object id) {
        //Now the securityContext is != null :-D
        String username = securityContext.getCallerPrincipal().getName();
        if(username.equals("gino"){
            return null;
        }
        return getEntityManager().find(entityClass, id);
    }
}

It works auto-magically as expected, the EJB sees the same Principal(s) as the JAX-RS servlet do.