Return-Path: 
 <user-return-7987-apmail-geronimo-user-archive=geronimo.apache.org@geronimo.apache.org>
Delivered-To: apmail-geronimo-user-archive@www.apache.org
Received: (qmail 48621 invoked from network); 17 Oct 2007 15:46:14 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2)
  by minotaur.apache.org with SMTP; 17 Oct 2007 15:46:14 -0000
Received: (qmail 13692 invoked by uid 500); 17 Oct 2007 15:45:59 -0000
Delivered-To: apmail-geronimo-user-archive@geronimo.apache.org
Received: (qmail 13674 invoked by uid 500); 17 Oct 2007 15:45:59 -0000
Mailing-List: contact user-help@geronimo.apache.org; run by ezmlm
Precedence: bulk
list-help: <mailto:user-help@geronimo.apache.org>
list-unsubscribe: <mailto:user-unsubscribe@geronimo.apache.org>
List-Post: <mailto:user@geronimo.apache.org>
Reply-To: user@geronimo.apache.org
List-Id: <user.geronimo.apache.org>
Delivered-To: mailing list user@geronimo.apache.org
Received: (qmail 13663 invoked by uid 99); 17 Oct 2007 15:45:59 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 17 Oct 2007 08:45:59 -0700
X-ASF-Spam-Status: No, hits=2.0 required=10.0
	tests=HTML_MESSAGE,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (athena.apache.org: local policy)
Received: from [69.147.95.80] (HELO smtp117.plus.mail.sp1.yahoo.com)
 (69.147.95.80)
    by apache.org (qpsmtpd/0.29) with SMTP; Wed, 17 Oct 2007 15:46:02 +0000
Received: (qmail 38673 invoked from network); 17 Oct 2007 15:44:42 -0000
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
  s=s1024; d=yahoo.com;
  h=Received:X-YMail-OSG:Mime-Version:In-Reply-To:References:Content-Type:Message-Id:From:Subject:Date:To:X-Mailer;
  b=tcgpvtnNC8kFm92bPi5Xefbeis05nGlAgoiQwIVXktBJmpS0Ue9b7fgIaM6p0m34RZKi8vFO8tjPCWi3BPms2Oq8mDlPzuZd7XTnfQB/J49bOcI9iLvadJEok6U7IhGbGednoqRZBZkySNGuWcPZiC4LMQFH9rR7T2J0dNrr2xM=
  ;
Received: from unknown (HELO ?192.168.1.101?) (david_jencks@67.102.173.8 with
 plain)
  by smtp117.plus.mail.sp1.yahoo.com with SMTP; 17 Oct 2007 15:44:41 -0000
X-YMail-OSG: 
 RJgO1FAVM1njdEAD6nw_fPWwRay13PMApbGW7W4HrzUXhoG980g21GkY1OgDeSxFXZ1v6wXHjTTEG3oFqXm1K.SYG0feY9clCeWMedzWrAIyPP9npw--
Mime-Version: 1.0 (Apple Message framework v752.3)
In-Reply-To: 
 <OF7D84F585.15C503D2-ON48257377.002940EF-48257377.00294E03@sybase.com>
References: 
 <OF7D84F585.15C503D2-ON48257377.002940EF-48257377.00294E03@sybase.com>
Content-Type: multipart/alternative; boundary=Apple-Mail-8--419672846
Message-Id: <43D16CA1-5127-4D34-91F6-0FE801712B25@yahoo.com>
From: David Jencks <david_jencks@yahoo.com>
Subject: Re: why getCallerPrincipal not "getCallerSubject"?
Date: Wed, 17 Oct 2007 08:44:51 -0700
To: user@geronimo.apache.org
X-Mailer: Apple Mail (2.752.3)
X-Virus-Checked: Checked by ClamAV on apache.org


--Apple-Mail-8--419672846
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
	charset=US-ASCII;
	delsp=yes;
	format=flowed


On Oct 17, 2007, at 12:31 AM, Guo-ping.Zhang@sybase.com wrote:

>
> Hi,
>
> I was confused about EJBContext.getCallerPrincipal() signature?
>
> Looks like Subject and Principal can both refer to identity. But  
> from following:
>
> A Subject may have many Principals. For example, a person may have  
> a name Principal ("John Doe") and a SSN Principal ("123-45-6789"),  
> which distinguish it from other subjects.
>
> Why not use Subject instead of Principal to identify the caller? In  
> J2ee specifications, we are also talking about Principal, not Subject?

This hasn't made any sense since at least ejb 2.0.  At the last  
JavaOne I asked the sun security guy about it and IIRC he said he  
might bring it up in a future spec revision.

thanks
david jencks

>
> Thanks & Best Regards,


--Apple-Mail-8--419672846
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
	charset=ISO-8859-1

<HTML><BODY style=3D"word-wrap: break-word; -khtml-nbsp-mode: space; =
-khtml-line-break: after-white-space; "><BR><DIV><DIV>On Oct 17, 2007, =
at 12:31 AM, <A =
href=3D"mailto:Guo-ping.Zhang@sybase.com">Guo-ping.Zhang@sybase.com</A> =
wrote:</DIV><BR class=3D"Apple-interchange-newline"><BLOCKQUOTE =
type=3D"cite"><BR><FONT size=3D"3">Hi,<BR> <BR> I was confused about =
EJBContext.getCallerPrincipal() signature?<BR> <BR> Looks like Subject =
and Principal can both refer to identity. But from following:<BR> <BR> A =
</FONT><FONT size=3D"3"><TT>Subject</TT></FONT><FONT size=3D"3"> may =
have many </FONT><FONT size=3D"3"><TT>Principal</TT></FONT><FONT =
size=3D"3">s. For example, a person may have a name </FONT><FONT =
size=3D"3"><TT>Principal</TT></FONT><FONT size=3D"3"> ("John Doe") and a =
SSN </FONT><FONT size=3D"3"><TT>Principal</TT></FONT><FONT size=3D"3"> =
("123-45-6789"), which distinguish it from other subjects.<BR> <BR> Why =
not use Subject instead of Principal to identify the caller? In J2ee =
specifications, we are also talking about Principal, not =
Subject?<BR></FONT></BLOCKQUOTE><DIV><BR =
class=3D"khtml-block-placeholder"></DIV>This hasn't made any sense since =
at least ejb 2.0.=A0 At the last JavaOne I asked the sun security guy =
about it and IIRC he said he might bring it up in a future spec =
revision.</DIV><DIV><BR =
class=3D"khtml-block-placeholder"></DIV><DIV>thanks</DIV><DIV>david =
jencks</DIV><DIV><BR><BLOCKQUOTE type=3D"cite"><FONT size=3D"3"> <BR> =
Thanks &amp; Best Regards, </FONT></BLOCKQUOTE></DIV><BR></BODY></HTML>=

--Apple-Mail-8--419672846--