【发布时间】:2018-12-18 04:14:06
【问题描述】:
我正在使用 ConfigBean 来填充我的 BD,如下所示:
@Singleton
@Startup
@RunAs("Administrator")
public class ConfigBean {
@EJB
private ClientBean clientBean;
@EJB
private AdministratorBean adminstratorBean;
@PostConstruct
public void populateDB() {
try{
clientBean.create(new ClientDTO("client1", "secret", "Manuel", "dae.ei.ipleiria@gmail.com", "Av. José Maceda", "918 923 232"));
clientBean.create(new ClientDTO("client2", "secret", "Manuel", "dae.ei.ipleiria@gmail.com", "Av. Alberto Alves", "+00351 256 0033 12"));
adminstratorBean.create(new AdministratorDTO("administrator1", "secret", "Manuel", "dae.ei.ipleiria@gmail.com", "Director"));
}catch(Exception ex){
System.out.println(ex);
}
}
我的两个豆子都是这样的:
@POST
@RolesAllowed("Administrator")
@Consumes(MediaType.APPLICATION_XML)
@Produces(MediaType.APPLICATION_XML)
public Response create(AdministratorDTO administratorDTO){...}
至于我的 web.xml:
...
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>dae_project_realm</realm-name>
</login-config>
<security-role>
<description/>
<role-name>Client</role-name>
</security-role>
<security-role>
<role-name>Administrator</role-name>
</security-role>
</web-app>
一切似乎都很好。但是,当我运行应用程序并调用 populateDB 方法时,我不断收到错误消息:
javax.ejb.AccessLocalException: Client not authorized for this invocation
我看到了一些有趣的链接,但仍然无法使用:
- Can't get @RunAs to work in an EJB(选项不存在)
- https://developer.jboss.org/thread/175108(不是计时器的粉丝,无法从@WebServlet 调用路由)
- https://samaxes.com/2014/11/test-javaee-security-with-arquillian/(无法使其工作,而且我仍然不确定是否可以使用它来填充 BD。)
- Using a secured EJB from a JAX-RS web service(解决不了)
【问题讨论】:
标签: jax-rs ejb java-ee-7 glassfish-4.1