This discussion is archived
0 Replies Latest reply: Jan 26, 2012 1:00 AM by 913360 RSS

EJB Security Context propagation in Swing app

913360 Newbie
Currently Being Moderated
Hi All,

I am having an issue with following exception:

java.rmi.RemoteException: EJB Exception: ; nested exception is:
javax.ejb.EJBAccessException: [EJB:010160]Security Violation: User: '<anonymous>' has insufficient permission to access EJB: type=<ejb>

I've read certain forums and found out is that EJB SecurityContext is bound to the thread and that is stored in thread local and
inherented by child threads.
The problem is that this exception is quite rare and users have to restart their GUIs to get rid of it.
The flow is following: Login window -> get username/password -> Use this username/password to create initial context.
The problem is that during login window creating AWT threads are already created and I think what I need to do is:
a) Kill all AWT/Swing threads after users enters login/password into Login window.
b) initialize InitialContext in main thread to make sure it's inherented by all other threads.

There are couple of issues about this - I dont know how to kill AWT/Swing threads. Also if someone knows more elegant solution, would be great.

P.S. I am using Weblogic 10.0.3.

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points