We currently don't have it.  At Rutgers we don't use EJBs so we haven't
encountered this.  If someone's willing to assist, we'd be happy to add this
to the Jasig client.

-Scott

On Sun, Feb 22, 2009 at 11:39 AM, sol myr <[email protected]> wrote:

> Hi,
>
> I am using CAS with JBoss 4.2.
>
> I've noticed CAS works great with Servlet/JSP:  withing a Servlet/JSP,
> request.getUserPrincipal() retrieves the correct user details such as
> username.
>
> However, if my Servlet invokes a local EJB, it seems that user details
> aren't propagated into the EJB. Example:
>
> // Servlet invoking a local EJB:
> class MyServlet extends HttpServlet{
>     public void doGet(...){
>          Context ctx=new InitialContext();
>          MyEjb ejb=(MyEjb) ctx.lookup("java:comp/env/myEbj");
>          int result=ejb.calculatePrice(...);
>         ...
>
> // And the EJB (local session bean, ejb 3):
> @Stateless
> @Local(...)
> @RolesAllowed({"Secretary"})
> class MyEjb{
>      public int calculatePrice(...)...
> }
>
> As I mentioned,  *MyServlet* sees the correct userPrincipal, but *MyEjb*
> sees a 'null' user within its ejb context.
> As a result, declarative EJB security doesn't work either (for example, my
> @RolesAllowed annotation).
>
> I have seen similar questions in the past, but couldn't find definite
> replies.
> Would anyone happen to know whether there's any ready-made solution for
> this, especially for JBoss (either by Yale, JASIG, or independent
> extentions)?
> To the best of my knowledge this requires some container-specific code
> (e.g. different code to JBoss / Glassfish etc, not just standard Servlet
> Filters).
>
> Thanks very much.
>
>
>
> --
> You are currently subscribed to [email protected] as: 
> [email protected]
> To unsubscribe, change settings or access archives, see 
> http://www.ja-sig.org/wiki/display/JSG/cas-user
>
>

-- 
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

Reply via email to