Hi,
I've tried to add an authentication to the standard
mechanism of creating EJB and calling its methods from
an application but eventually I failed since the server
always treats the client as a 'guest' user. I used
the following generic code in the application:
properties = new Hashtable();
properties.put(Context.SECURITY_PRINCIPAL, "myname");
properties.put(Context.SECURITY_CREDENTIALS, "mypassword");
Context initialContext = new InitialContext(properties);
Object o = initialContext.lookup("MyEjb");
myHome = (MyHome) PortableRemoteObject.narrow(o,MyHome.class);
myRemote = myHome.create();
myRemote.myMethod();
By means of realm tool I also added one experimental user:
realmtool.bat -add myname mypassword staff
However, independent of anything the server thinks that the
request comes from guest (e.g., in audit.log or through
getCallerPrincipal() method in myEjb). In particular, if the
method is restricted to be used by a certain role (that does
not include guest) then the method call fails.
What can be wrong here? I would greatly appreciate any
information on how can I authenticate users from a Java
client in j2ee-ri. Does this approach really work in this
implementation?
Regards,
sasha
--
Alexandr A. Savinov, PhD
GMD - German National Research Center for Information Technology
AiS.KD - Autonomous Intelligent Systems Institute, Knowledge Discovery Team
Schloss Birlinghoven, Sankt-Augustin, D-53754 Germany
tel: +49-2241-142629, fax: +49-2241-142072
http://ais.gmd.de/~savinov/
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
