geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Jencks <david_jen...@yahoo.com>
Subject Re: why getCallerPrincipal not "getCallerSubject"?
Date Wed, 17 Oct 2007 15:44:51 GMT

On Oct 17, 2007, at 12:31 AM, Guo-ping.Zhang@sybase.com wrote:

>
> Hi,
>
> I was confused about EJBContext.getCallerPrincipal() signature?
>
> Looks like Subject and Principal can both refer to identity. But  
> from following:
>
> A Subject may have many Principals. For example, a person may have  
> a name Principal ("John Doe") and a SSN Principal ("123-45-6789"),  
> which distinguish it from other subjects.
>
> Why not use Subject instead of Principal to identify the caller? In  
> J2ee specifications, we are also talking about Principal, not Subject?

This hasn't made any sense since at least ejb 2.0.  At the last  
JavaOne I asked the sun security guy about it and IIRC he said he  
might bring it up in a future spec revision.

thanks
david jencks

>
> Thanks & Best Regards,


Mime
View raw message