geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kistler <kist...@decisionlens.com>
Subject Trouble obtaining JaaS login context from within EJB
Date Fri, 19 Jun 2009 13:44:36 GMT

Hello,

I'm currently developing an Enterprise application which Comprises of a
servlet and ejb for Geronimo 2.1 and I have secured the Ejb with a Security
Realm configured to authenticate against a SQLLoginModule.  I'm confident
that this is authenticating correctly as I have done negative and positive
testing.

I'm testing my ejb my connecting to it from a servlet as follows:

		CallbackHandler handler = new UserIdPasswordCallbackHandler(user,
password);
		LoginContext ctx = new LoginContext("SecurityRealm",handler);
		ctx.login();

This succeeds when supplied the correct credentials and throws exceptions
with invalid credentials.

I obtain a reference to the remote interface as follows:

Properties prop=new Properties();
			prop.put(Context.INITIAL_CONTEXT_FACTORY,
"org.apache.openejb.client.RemoteInitialContextFactory");
			prop.put("java.naming.provider.url", "ejbd://localhost:4201");
			Context context = new InitialContext(prop);

Object o = context.lookup("SessionManagerBeanRemote");
SessionManagerRemote remote = (SessionManagerRemote)o;

This works correctly as I am able to call my remote ejb methods!

Now - the piece I am missing is I need to be able to obtain the current
Subject that was authenticated.  ie - I need to know the identity of the
user that has been authenticated to use this ejb and is invoking it.  So if
joe was authenticated to use the SessionManager - I need to be able to
obtain joe's login name.

I believe if I was within a web container I'd be able to use the equivalent
of:  HttpServletRequest.getUserPrincipal() ...  Can someone point me to a
reference, decently documented example or something that will tell me what
API I need to use?  I'm happy to do some reading but I've looked around
quite a bit and I think I might be missing something...  There doesn't seem
to be a clear reference to this is the standard geronimo documentation -
only some lite discussion for web containers.

Thanks in advance!
-Keith
-- 
View this message in context: http://www.nabble.com/Trouble-obtaining-JaaS-login-context-from-within-EJB-tp24111796s134p24111796.html
Sent from the Apache Geronimo - Users mailing list archive at Nabble.com.


Mime
View raw message