> -----Original Message-----
> From: Shevland, Joe [mailto:joe.shevland_at_capgemini.com]
> Sent: Thursday, 26 April 2007 10:44 AM
> To: users_at_glassfish.dev.java.net
> Subject: RE: RunAs on servlet being ignored
>
[snip]
> OK thanks very much Bobby, that all makes sense and you're
> quite right,
> I am calling the EJB from the init() method so that might be where I'm
> falling down (had a vague feeling that this might be whats
> going on, but
> then I think I tried a few get/post's on the servlet in
> question and the
> principal I'd logged in with was used, not the run-as one, so
> I'll clean
> things up and retry with that in mind).
>
> It'd be nice if init() did obey the 'run-as' contract for this type of
> initialisation call to the EJB layer, as moving the logic to a service
> method will mean some kind of user interaction.
Just confirming that the run-as does work as expected from the servlet
service/doGet/doPost methods, and not via servlet init() or web context
listeners. The most I can find in the spec about it is section EE 3.5.4,
and as far as I can tell there's no mention of which web components
specifically need to support this (or methods within).
Cheers
Joe
This message contains information that may be privileged or confidential and is the property of the Capgemini Group. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain, copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message.