Problem with EJB3 security in JBoss 4.2.X

November 7th, 2007 Radim Marek Posted in jboss |

Release of JBoss 4.2.X has been significant because of the integration of important bits from Java EE before release of JBoss AS 5. Sadly important fix to align EJB3 security in this branch, announced for version 4.2.1 (JBAS-4198) does not exist. Duplicate ticket (JBAS-4423) has been reason why this issue has been closed in JIRA as duplicate ticket, unfortunately with fix version assigned – yes, you can guess - to 4.2.1.

Therefore if you’re trying to use @RunAs annotation on MDB in order to call secured session beans, you’ll experience following exception:

java.lang.IllegalStateException: No valid security context for the caller identity

I truly hope this task will be integrated into 4.2 branch and we don’t have to wait for release of JBoss AS 5.

Original topic from JBoss Forums:
Bug in SecurityAssociation(?) - EJB3 MDB Calls

My topic to verify the problem:
@RunAs on MDB and not finished alignation of EJB3 security