[ http://issues.apache.org/jira/browse/GERONIMO-668?page=comments#action_12316849 ]
Aaron Mulder commented on GERONIMO-668: --------------------------------------- That works for me too. We could even make it an interface that extends Principal, so a custom LoginModule could either have one of their principal classes implement it or add a separate Gernoimo LoginModule that just adds a trivial implementation based on the login username (thus keeping the Geronimo interface out of an otherwise portable custom login module). I think it should be pretty obvious how to apply it to our own login modules. And when the server needs to reply to getCallerPrincipal, it can scan the principals and return the first one that implements that interface, or if none do, just the first principal it comes across. > Unable to determine username from EJB method > -------------------------------------------- > > Key: GERONIMO-668 > URL: http://issues.apache.org/jira/browse/GERONIMO-668 > Project: Geronimo > Type: Bug > Versions: 1.0-M4 > Reporter: Ivan Dubrov > Assignee: David Jencks > Fix For: 1.0-M4, 1.0-M5 > > When calling EJB method from the Web module some important security context > information (username) is lost. It is impossible to determine caller user > name from the EJB method. EJBContext.getCallerPrincipal().getName() returns > something like this: > [org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal: manager] > Note that only group name can be determined from this string or from the > EJBMethod.getCallerPrincipal(). -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
