> an EJB uses > getCallerPrincipal().getName() to get the name of the currently logged in > user. But this getCallerPrincipal().getName() always returns "anonymous" > user instead of the CAS authorized username.
It's my understanding that JBoss, and the JEE framework in general, relies on JAAS to populate the principal in the context you described. We are interested in a CAS JAAS plugin for this very purpose and are considering developing a proof of concept in the near future. I'll update this thread with a Jira issue if it makes it far enough to propose for inclusion in the Jasig Java CAS client. Until then, you might consider http://www.ja-sig.org/wiki/display/CASC/CASLoginModule+for+JAAS+applications. > We are using JBoss 4.0.5 .And > getUserPrincipal() returns the username from a JSP page. That's altogether different from the EJB principal. The CAS HttpServletRequestWrapperFilter servlet filter wraps the getUserPrincipal() and getRemoteUser() methods of the HttpServletRequest to provide that functionality. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
