I have my business classes protected by EJB3 security annotations, now I would like to call these methods from a Spring controller, how do I do it?
edit I will add some information about my setup, I'm using Tomcat for the webcontainer and OpenEJB for embedding EJB into tomcat. I did not settle on any version of spring so it's more or less open to suggestions.
edit current setup works this way :
I have a login form + controller that puts a User pojo inside SessionContext. Each time someone access a secured part of the site, the application checks for the User pojo, if it's there check roles and then show the page, if it's not show a appropriate message or redirect to login page. Now the bussiness calls are made thanks to a call method inside User which bypass a probable security context which is a remix of this code found in openejb security examples :
Caller managerBean = (Caller) context.lookup("ManagerBeanLocal");
managerBean.call(new Callable() {
public Object call() throws Exception {
Movies movies = (Movies) context.lookup("MoviesLocal");
movies.addMovie(new Movie("Quentin Tarantino", "Reservoir Dogs", 1992));
movies.addMovie(new Movie("Joel Coen", "Fargo", 1996));
movies.addMovie(new Movie("Joel Coen", "The Big Lebowski", 1998));
List<Movie> list = movies.getMovies();
assertEquals("List.size()", 3, list.size());
for (Movie movie : list) {
movies.deleteMovie(movie);
}
assertEquals("Movies.getMovies()", 0, movies.getMovies().size());
return null;
}
});