geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aaron Mulder (JIRA)" <...@geronimo.apache.org>
Subject [jira] Reopened: (GERONIMO-668) Unable to determine username from EJB method
Date Wed, 27 Jul 2005 00:54:18 GMT
     [ http://issues.apache.org/jira/browse/GERONIMO-668?page=all ]
     
Aaron Mulder reopened GERONIMO-668:
-----------------------------------


I think we need to look at this issue in more detail.  I believe the app servers I've used
all managed to pick out the "user" principal to return from getCallerPrincipal, and every
time I've used it it's been with the intention of identifying the login name of the current
user.   It seems that most login modules produce both a "user" and at least one "group" principal.
 We need to be able to figure out which principal class is "primary" and should be returned
from getCallerPrincipal.  It seems like this could be metadata we associate with the login
module or realm.

> Unable to determine username from EJB method
> --------------------------------------------
>
>          Key: GERONIMO-668
>          URL: http://issues.apache.org/jira/browse/GERONIMO-668
>      Project: Geronimo
>         Type: Bug
>     Versions: 1.0-M4
>     Reporter: Ivan Dubrov
>     Assignee: David Jencks
>      Fix For: 1.0-M4, 1.0-M5

>
> When calling EJB method from the Web module some important security context information
(username) is lost.  It is impossible to determine caller user name from the EJB method. EJBContext.getCallerPrincipal().getName()
returns something like this:
> [org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal: manager]
> Note that only group name can be determined from this string or from the EJBMethod.getCallerPrincipal().

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message