tomee-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Anthony Fryer <>
Subject SessionContext isCallerInRole always returns false
Date Wed, 20 Jun 2012 22:45:12 GMT
I have a Stateless Session EJB with an injected SessionContext.  I have a
method where i try to use the isCallerInRole method to determine if a user
is an ADMIN user or not but this method always returns false, even for users
that are ADMIN users.  The code is below...

public class UserImpl implements UserService {

        @PersistenceContext(unitName="poker-entities") private EntityManager

        @Resource private SessionContext sctx;

        public void userUpdate(User user) {

                User currentUser = this.findCurrentUser();
                if (currentUser == null || (currentUser.getId() !=
user.getId() && !sctx.isCallerInRole("ADMIN"))) {
                        throw new EJBAccessException("Principal does not
have permission to call this method");


If i change the @RolesAllowed annotation to @RolesAllowed({"ADMIN"}) which
guarantees that only ADMIN users can call the method, the call to
sctx.isCallerInRole("ADMIN") still returns false.



View this message in context:
Sent from the OpenEJB User mailing list archive at

View raw message