geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Blevins <david.blev...@visi.com>
Subject Re: JACC, ACCs and JAAS API Q
Date Mon, 24 Nov 2003 21:15:51 GMT
On Mon, Nov 24, 2003 at 11:00:49PM +0100, Bordet, Simone wrote:
> Hi Alan and others,
> 
> just curious if JACC somehow requires user code (servlet, EJB) to be able to do:
> 
> Subject s = Subject.getSubject(AccessController.getContext());

Nope.  User code still only has access the the Principle objec through getCallerPrinciple


> Or perhaps the whole machinery is only internal to the container ?

Right.
 
> I'm asking this to understand if you guys find out a fast way to associate a Subject
with an ACC without using the JAAS API (i.e. Subject.doAs()), but still have the JAAS API
to work fine (i.e. Subject.getSubject()).

In the JACC spec the PolicyProvider doesn't even get the subject through a Subject.getSubject(),
but rather uses a special callback handler to get it indirectly from the container.

So, in, short it doesn't mix with JAAS post-login.

-David


Mime
View raw message