I have two applications, an EAR with EJB modules, and a separate WAR
When setting up security, both the EAR and the WAR use the same realm.
Authenticated User subjects are propagated from the WAR to the EAR as
expected. In an EJB, I can access the caller principal and check is
Now I am trying to write some system code for startup in the WAR. I
a Servlet and annotate it with @RunAs("System") with hopes the code in
Did you mean the init() method of the servlet here ?. I will need to
check with the Spec people if this is a Bug. From the Servlet 3.0 spec
and JSR 250 spec it is not very clear if this should have worked.
Although by common sense since you placed the annotation on the class it
should probably apply to init().
Will check and get back.
will propagate as a System Role to the EJBs. I would think
all I would have to do is declare the security role in the web.xml, and
declare a mapping to a group in the sun specific, so I put in web.xml: