geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aaron Mulder (JIRA)" <...@geronimo.apache.org>
Subject [jira] Commented: (GERONIMO-668) Unable to determine username from EJB method
Date Wed, 27 Jul 2005 04:40:22 GMT
    [ http://issues.apache.org/jira/browse/GERONIMO-668?page=comments#action_12316849 ] 

Aaron Mulder commented on GERONIMO-668:
---------------------------------------

That works for me too.  We could even make it an interface that extends Principal, so a custom
LoginModule could either have one of their principal classes implement it or add a separate
Gernoimo LoginModule that just adds a trivial implementation based on the login username (thus
keeping the Geronimo interface out of an otherwise portable custom login module).  I think
it should be pretty obvious how to apply it to our own login modules.  And when the server
needs to reply to getCallerPrincipal, it can scan the principals and return the first one
that implements that interface, or if none do, just the first principal it comes across.

> Unable to determine username from EJB method
> --------------------------------------------
>
>          Key: GERONIMO-668
>          URL: http://issues.apache.org/jira/browse/GERONIMO-668
>      Project: Geronimo
>         Type: Bug
>     Versions: 1.0-M4
>     Reporter: Ivan Dubrov
>     Assignee: David Jencks
>      Fix For: 1.0-M4, 1.0-M5

>
> When calling EJB method from the Web module some important security context information
(username) is lost.  It is impossible to determine caller user name from the EJB method. EJBContext.getCallerPrincipal().getName()
returns something like this:
> [org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal: manager]
> Note that only group name can be determined from this string or from the EJBMethod.getCallerPrincipal().

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message