3

我有一个用 注释的方法@RolesAllowed,该方法需要从@Schedule位于另一个 Ejb 中的计时器 () 调用。但我只得到一个授权例外:WARNUNG: javax.ejb.AccessLocalException: Client not authorized for this invocation

 @RolesAllowed("user")
 @Stateless
 public class RatingService {
    public void recalculateRating() {...}
 }

 @Singleton
 @Startup     
 public class TimerService {

     @EJB private RatingService ratingService;

     @Schedule(minute = "0", hour = "*")
     public void timerTriggeredRecalculate() {        
          this.ratingService.recalculateRating();
     }
 }

我接受这个异常,但是如何@RolesAllowed从 Timer 调用受保护的方法?

我也尝试添加@RunAs("user")TimerService类。但后来我得到了这个例外:

SCHWERWIEGEND: SECEJB9000: Exception while running pre-invoke
java.lang.NullPointerException
    at java.util.Arrays$ArrayList.<init>(Arrays.java:3357)
    at java.util.Arrays.asList(Arrays.java:3343)
    at com.sun.enterprise.security.auth.realm.file.FileRealm.getGroupNames(FileRealm.java:291)
    at com.sun.enterprise.security.auth.login.LoginContextDriver.loginPrincipal(LoginContextDriver.java:294)
    at org.glassfish.ejb.security.application.EJBSecurityManager$2.run(EJBSecurityManager.java:825)
    at com.sun.enterprise.security.common.AppservAccessController.doPrivileged(AppservAccessController.java:61)
    at org.glassfish.ejb.security.application.EJBSecurityManager.loginForRunAs(EJBSecurityManager.java:823)
    at org.glassfish.ejb.security.application.EJBSecurityManager.preInvoke(EJBSecurityManager.java:791)
    at org.glassfish.ejb.security.application.EjbSecurityComponentInvocationHandler$1.beforePreInvoke(EjbSecurityComponentInvocationHandler.java:84)
    at org.glassfish.api.invocation.InvocationManagerImpl.preInvoke(InvocationManagerImpl.java:156)
    at com.sun.ejb.containers.AbstractSingletonContainer.createSingletonEJB(AbstractSingletonContainer.java:487)
    at com.sun.ejb.containers.AbstractSingletonContainer.access$100(AbstractSingletonContainer.java:79)
    at com.sun.ejb.containers.AbstractSingletonContainer$SingletonContextFactory.create(AbstractSingletonContainer.java:719)
    at com.sun.ejb.containers.AbstractSingletonContainer.instantiateSingletonInstance(AbstractSingletonContainer.java:451)
    at org.glassfish.ejb.startup.SingletonLifeCycleManager.initializeSingleton(SingletonLifeCycleManager.java:216)
    at org.glassfish.ejb.startup.SingletonLifeCycleManager.initializeSingleton(SingletonLifeCycleManager.java:177)
    at org.glassfish.ejb.startup.SingletonLifeCycleManager.doStartup(SingletonLifeCycleManager.java:155)
    at org.glassfish.ejb.startup.EjbApplication.start(EjbApplication.java:177)
    at org.glassfish.internal.data.EngineRef.start(EngineRef.java:130)
    at org.glassfish.internal.data.ModuleInfo.start(ModuleInfo.java:269)
    at org.glassfish.internal.data.ApplicationInfo.start(ApplicationInfo.java:301)
    at com.sun.enterprise.v3.server.ApplicationLifecycle.deploy(ApplicationLifecycle.java:461)
    at com.sun.enterprise.v3.server.ApplicationLifecycle.deploy(ApplicationLifecycle.java:240)
    at org.glassfish.deployment.admin.DeployCommand.execute(DeployCommand.java:389)
    at com.sun.enterprise.v3.admin.CommandRunnerImpl$1.execute(CommandRunnerImpl.java:348)
    at com.sun.enterprise.v3.admin.CommandRunnerImpl.doCommand(CommandRunnerImpl.java:363)
    at com.sun.enterprise.v3.admin.CommandRunnerImpl.doCommand(CommandRunnerImpl.java:1085)
    at com.sun.enterprise.v3.admin.CommandRunnerImpl.access$1200(CommandRunnerImpl.java:95)
    at com.sun.enterprise.v3.admin.CommandRunnerImpl$ExecutionContext.execute(CommandRunnerImpl.java:1291)
    at com.sun.enterprise.v3.admin.CommandRunnerImpl$ExecutionContext.execute(CommandRunnerImpl.java:1259)
    at com.sun.enterprise.v3.admin.AdminAdapter.doCommand(AdminAdapter.java:461)
    at com.sun.enterprise.v3.admin.AdminAdapter.service(AdminAdapter.java:212)
    at com.sun.grizzly.tcp.http11.GrizzlyAdapter.service(GrizzlyAdapter.java:179)
    at com.sun.enterprise.v3.server.HK2Dispatcher.dispath(HK2Dispatcher.java:117)
    at com.sun.enterprise.v3.services.impl.ContainerMapper$Hk2DispatcherCallable.call(ContainerMapper.java:354)
    at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
    at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:849)
    at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:746)
    at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1045)
    at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:228)
    at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
    at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
    at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
    at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
    at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
    at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
    at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
    at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
    at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
    at java.lang.Thread.run(Thread.java:662)

服务器是 Glassfish 3.1.2

4

2 回答 2

3

您需要使用带注释的 EJB @RunAs。如果 timer 方法是TimerServiceEJB 公开的唯一方法,那么您可以@RunAs直接将其添加到该类。否则,您需要创建一个PrivilegedRatingService具有@RunAs.

TimerService顺便说一句,考虑到与 . 的冲突,对于 EJB 类名可能是一个糟糕的选择javax.ejb.TimerService。)

于 2012-07-13T14:38:05.683 回答
0

我还尝试将 @RunAs("user") 添加到 TimerService 类。但后来我得到了这个例外:..

该消息表明您尚未在文件领域中定义“用户”。例如,在 Glassfish 中,使用应用服务器控制台访问以下内容:

Configuration->Security->Realms->file->Manage users

并添加新用户“用户” - 错误消息应该消失。我有类似的问题,这就是解决方案,所以也许有帮助。

于 2012-09-10T08:00:59.927 回答