Re: Providing additional context data to EJB's

Fri, 10 Nov 2000 01:55:34 -0800 

Hi Anders...
You can use the request.getUserPrincipal().getName() for the web tier and
context.getCallerPrincipa().getName() for the EJB tier to retrieve the
username of the authenticated user.

Jerson

-----Original Message-----
From: A mailing list for Enterprise JavaBeans development
[mailto:[EMAIL PROTECTED]]On Behalf Of Engstr�m Anders
Sent: Friday, November 10, 2000 4:12 PM
To: [EMAIL PROTECTED]
Subject: Providing additional context data to EJB's


Hi.

This is my problem:

We are building a multi-tier J2EE application using Oracles iAs9 application
server. The clients will be both servlets, jsp-pages and applets. The
web-tier communicates with session EJB's on the application server using
"light JavaBean mirrors of the EJBs" on the web-tier.

Each user is assigned a role when logging in to the system. This role
(admin, registrator, guest etc.) is used in the EJB-container to restrict
access to certain methods. The JavaBeans in the web-tier uses the role to
look-up the EJB's in the appserver, thereby propagating the role to the
EJB-container.

The problem is that we need to propagate the unique user identity to the
EJB-container as well (for logging and row-based access to the database).
How do we do this in a good maner? I suppose we could send the user-identity
with every method invocation, but that seems stupid :/ Is there a way to put
this information into some kind of context that each EJB within the session
can use? Or, can this be accomplished by setting some kind of context when
looking up the home interface of the first EJB?

Any ideas are welcome!

Best Regards /Anders

--
Anders Engstrom
WM-data eSolutions AB
[EMAIL PROTECTED]
http://www.wmdata.com
====================

===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST".  For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".

===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST".  For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".

Reply via email to