问题
I have many EJBs with my business methods. These methods use @RolesAllowed annotation to check if user can execute this method.
So I have an EJB Scheduler that calls these EJB methods. EJB schedulers runs with anonymous user, so authorization fails.
How I can run my schedulers with other role? For testing proposes, I run with @RunAs("SYSTEM") annotation, but I don't know if this is right.
My scheduler class
@RunAs("SYSTEM")
public class InboxScheduler {
protected void inboxFileScan(Timer t) {
receiptFilesService.receiptFiles();
}
}My EJB class
@RolesAllowed("SYSTEM")
public void receiptFiles() {
// do anything
}回答1:
Yes, that's a right use.
The section 12.3.4.1 of the EJB 3.2 specification says that all methods of your bean (including timeout callback methods) will have the identity defined in run-as.
From spec: The run-as identity applies to the enterprise bean as a whole, that is, to all methods of the enterprise bean’s business, home, and component interfaces, no-interface view, and/or web service endpoint; to the message listener methods of a message-driven bean; and to the timeout callback methods of an enterprise bean; and all internal methods of the bean that they might in turn call.
来源:https://stackoverflow.com/questions/4914804/using-runas-in-my-ejb-schedulers