On Aug 2, 2006, at 10:53 PM, Dain Sundstrom wrote:
I'm working on the Jencks project again and have discovered that
the container managed security and pool partition by-subject
doesn't work oustide of Geronimo since both depend on obtaining the
current caller's subject from ContextManager.getCurrentCaller(),
which is a Geronimo specific class.
Is there a spec defined way we could be getting the current
caller's subject that would reasonably work in most app servers?
I'm hoping there is something in the JACC spec. If not, I think we
should introduce a hook under these static calls, so we can
redirect them to platform specific APIs when running outside of a
Geronimo server.
You could use
(Subject)PolicyContext.getContext
("javax.security.auth.Subject.container");
which in geronimo delegates to ContextManager.getCurrentCaller()
using a lot of hashmap lookups and security checks.
thanks
david jencks
-dain
