Skip to Main Content

EJB Security Context propagation

913360Jan 26 2012
Hi All,

I am having an issue with following exception:

java.rmi.RemoteException: EJB Exception: ; nested exception is:
javax.ejb.EJBAccessException: [EJB:010160]Security Violation: User: '<anonymous>' has insufficient permission to access EJB: type=<ejb>

I've read certain forums and found out is that EJB SecurityContext is bound to the thread and that is stored in thread local and
inherented by child threads.
The problem is that this exception is quite rare and users have to restart their GUIs to get rid of it.
The flow is following: Login window -> get username/password -> Use this username/password to create initial context.
The problem is that during login window creating AWT threads are already created and I think what I need to do is:
a) Kill all AWT/Swing threads
b) initialize InitialContext in main thread to make sure it's inherented by all other threads.

There are couple of issues about this - I dont know how to kill AWT/Swing threads. Also if someone knows more elegant solution, would be great.
Post Details
Added on Jan 26 2012