EJB and isCallerInRole: wrong output with multi-roles check in SessionContext

Question

I have a problem with isCallerInRole method from the SessionContext. The application run on Glassfish 2.1 and uses JDK6.

In the following class, I'm exposing two methods that ascertain if the current user has a specific role or not. In particular, I'm going to check for two specific roles, say Role1 and Role2. CheckRemote is the interface for CheckFacade.

@Stateless
@DeclareRoles({"Role1", "Role2"})
public class CheckFacade implements CheckRemote {

    @Resource
    private SessionContext ctx;

    @Override
    public Boolean hasRole1() {
        return ctx.isCallerInRole("Role1");
    }

    @Override
    public Boolean hasRole2() {
        return ctx.isCallerInRole("Role2");
    }
}

When I go to call hasRole1() or hasRole2() I always get false as result, even if the user has the role.

Now, if I consider the following version that is focused only on one role, then everything works fine, i.e. I get false or true if the user has not the role or has the role, respectively.

@Stateless
@DeclareRoles("Role1")
public class CheckFacade implements CheckRemote {

    @Resource
    private SessionContext ctx;

    @Override
    public Boolean hasRole1() {
        return ctx.isCallerInRole("Role1");
    }

}

Maybe I'm missing something. Any idea?

I have the exact same error here. Did you find what is wrong? — pablosaraiva, Oct 31 '14 at 16:13

EJB and isCallerInRole: wrong output with multi-roles check in SessionContext

0 Answers0