geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From weberjn <webe...@gmail.com>
Subject Re: API for nested subjects?
Date Wed, 18 Jul 2012 15:25:30 GMT
David, 

thanks, I tried this now, 
ContextManager.getCurrentCaller() returns after setCallers
Private Credential: org.apache.geronimo.openejb.ServerIdentityToken@c2015793

but in the EJB ctx.getCallerPrincipal().getName() returns UNAUTHENTICATED

This is a 2.1 EJB with <method-permission>	<unchecked />
but still I think the principal should be transferred, isn't it?

Juergen


David Jencks wrote
> 
> Is this code run in the app client?
> 
> I think there is no pre-existing logged in Subject?  This will mean the
> oldCallers below will have no Subjects in it.
> 
> I think you want 
> 
> ContextManager.setCallers(subject, subject);
> try {
> //whatever
> } finally {
>    ContextManager.clearCallers();
> }
> 
> thanks
> david jencks
> 
> On Jul 18, 2012, at 8:50 AM, weberjn wrote:
> 
>> Hi,
>> 
>> I still need nested security context, to invoke EJBs from an application
>> client with changing subjects.
>> 
>> I tried the ContextManager code below, but it does not work, the current
>> subject is null.
>> Is there a better code for this?
>> 
>> Thanks, Juergen
>> 
>> See also:
>> https://issues.apache.org/jira/browse/GERONIMO-4765
>> https://java2s.com/Open-Source/Java/EJB-Server/geronimo/security/org/apache/geronimo/security/ContextManagerTest.java.htm
>> 
>> 
>> context.login();
>> subject subject = context.getSubject();
>> 
>> ContextManager.registerSubject(subject);
>> Callers oldCallers = ContextManager.pushNextCaller(subject);
>> // sowhere other in the call chain
>> try
>> {
>> 	Subject subject1 = ContextManager.getCurrentCaller();
>> 	
>> 	System.out.println("getCurrentSubject1() -> " + subject1);
>> 	
>> 	// invoke EJB here under subject1
>> }
>> finally
>> {
>> 	ContextManager.popCallers(oldCallers);
>> }
>> 
>> getCurrentSubject1() -> null
>> 
>> 
>> 
>> --
>> View this message in context:
>> http://apache-geronimo.328035.n3.nabble.com/API-for-nested-subjects-tp3985483.html
>> Sent from the Users mailing list archive at Nabble.com.
> 


--
View this message in context: http://apache-geronimo.328035.n3.nabble.com/API-for-nested-subjects-tp3985483p3985485.html
Sent from the Users mailing list archive at Nabble.com.

Mime
View raw message