This discussion is archived
13 Replies Latest reply: Oct 24, 2012 10:00 AM by jtahlborn RSS

Problem passing data to stateless EJB

920164 Newbie
Currently Being Moderated
hi all;
I don't know if this is the right place to post this issue, but i hope to find a solution from your experience.
I have an already developed J2ee application, that uses EJB (stateless session beans) to implement the business logic of the application. An auditing functionality is required to be added to the application were the user who did an action (UID- update, insert, delete) needs to be logged, my problem is how to pass the logged in user id to the EJB without changing the signature of the methods? dose anyone have any idea? please note that the login functionality i an application level one (username matching password in a table)
Thanks in advance....

Edited by: 917161 on Mar 11, 2012 1:36 PM
  • 1. Re: Problem passing data to stateless EJB
    r035198x Pro
    Currently Being Moderated
    You can get the principal in session beans through the session context
    //you can inject the session context into the bean
    @Resource
    private SessionContext sessionContext ;
     
    //then in the method you do
    sessionContext.getCallerPrincipal()
    For this functionality consider using an Interceptor rather than copying and pastying the solution across many beans. Unless if you have one DAO ejb (you shouldn't have an EJB DAO per entity any way).
  • 2. Re: Problem passing data to stateless EJB
    920164 Newbie
    Currently Being Moderated
    thanks or your reply, but I did not understand how this will work, as i told u there is no security implementation, the login is an application level one, i need a way to pass the user who do the login to the business layer!!
  • 3. Re: Problem passing data to stateless EJB
    r035198x Pro
    Currently Being Moderated
    First, this is really bad. You really should have used JAAS for this and have proper security available in your EJBs. If your authentication is DB based then you don't even have to write a single line of code to get proper security!
    If you insist on this approach then you need to store the user in a session scope that is accessible to your EJBs. A stateful session bean comes to mind.
  • 4. Re: Problem passing data to stateless EJB
    920164 Newbie
    Currently Being Moderated
    I was frustrated just like you when i saw the code, i am even convinced that it is too late to ask for a functionality like auditing, such functions needs to be addressed at the design level not at this late stage. but this is the case i have now, i cannot move to stat-full EJB option, it seems that the only option that i have is to pass the user id as a parameter in methods calls but this will take a lot of time and efforts, that is why i asked for other options......
  • 5. Re: Problem passing data to stateless EJB
    r035198x Pro
    Currently Being Moderated
    917161 wrote:
    I was frustrated just like you when i saw the code, i am even convinced that it is too late to ask for a functionality like auditing, such functions needs to be addressed at the design level not at this late stage. but this is the case i have now, i cannot move to stat-full EJB option, it seems that the only option that i have is to pass the user id as a parameter in methods calls but this will take a lot of time and efforts, that is why i asked for other options......
    Why can't you use a Stateful EJB? That way you don't have to change the method signatures.
  • 6. Re: Problem passing data to stateless EJB
    920164 Newbie
    Currently Being Moderated
    As i told you, it is not our code, i suggested this thing before , and the company refused for performance issues
  • 7. Re: Problem passing data to stateless EJB
    r035198x Pro
    Currently Being Moderated
    917161 wrote:
    As i told you, it is not our code, i suggested this thing before , and the company refused for performance issues
    Suggest to them to configure JAAS for the security module. That will not impact the existing code at all and provides a cleaner way of adding the auditing requirement.
  • 8. Re: Problem passing data to stateless EJB
    920164 Newbie
    Currently Being Moderated
    Thanks a lot for your help, although i am 100% sure that they will not agree with me (they have nothing to do with technology and they will refuse any extra work) but i will.
    Thanks again;
  • 9. Re: Problem passing data to stateless EJB
    gimbal2 Guru
    Currently Being Moderated
    917161 wrote:
    Thanks a lot for your help, although i am 100% sure that they will not agree with me (they have nothing to do with technology and they will refuse any extra work) but i will.
    Thanks again;
    (my opinion: time to choose a more capable partner...)
  • 10. Re: Problem passing data to stateless EJB
    r035198x Pro
    Currently Being Moderated
    917161 wrote:
    Thanks a lot for your help, although i am 100% sure that they will not agree with me (they have nothing to do with technology and they will refuse any extra work) but i will.
    Thanks again;
    But they are asking for extra work to be done anyway. Changing the EJB interfaces to add security information is much more work than configuring JAAS and picking up the credential from the server side.
  • 11. Re: Problem passing data to stateless EJB
    920164 Newbie
    Currently Being Moderated
    i WISH IF IT IS MY DECISION :D
  • 12. Re: Problem passing data to stateless EJB
    Jayakumar Jayaraman Newbie
    Currently Being Moderated
    Hi r035198x

    I am exactly in similar situation to get logged in user details inside business layer (EJB 3)
    We use DB to store user details

    Nice to read your comment about implementing JAAS without much code....
    Can you please kindly share a little more details to enable JAAS

    Thanks
    Jay
  • 13. Re: Problem passing data to stateless EJB
    jtahlborn Expert
    Currently Being Moderated
    Jayakumar Jayaraman wrote:
    Nice to read your comment about implementing JAAS without much code....
    Can you please kindly share a little more details to enable JAAS
    the internet is full of such information. examples and tutorials abound.

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points