I tried org.jboss.system.SecurityAssociation.setPrincipal() and it
worked correctly. However, I found that there is a performance overhead
in every method invocation if I set the Principal on the client.
There is an alternative design which doesn't carry the overhead in every
method call. It is to have the JNDI home-interface lookup do the
authentication. Then the Principal in the Home interface can be set,
and any EJBObjects obtained by create or find from that home interface
inherit the user's context.
Using this method, the Principal / credentials only need to pass through
the network once, when the home interface is retrieved.
Has anyone considered this, which should have better performance can
passing the information with each invocation? Are there any drawbacks
to this approach?
[ This idea came from John Ellis on the jonas-users mailing list,
message dated November 8, 2000. ]
- Keith
-----Original Message-----
From: Oleg Nitz <[EMAIL PROTECTED]>
To: jBoss <[EMAIL PROTECTED]>
Date: Monday, November 06, 2000 6:16 AM
Subject: Re: [jBoss-User] problem with ctx.getCallerPrincipal()
>Hi jBoss,
>
>Keith L. Musser wrote:
>KLM> For my application, my beans need to know who the end-user is.
When I
>KLM> call the "getCallerPrincipal()" method in the SessionContext or
>KLM> EntityContext, I receive "null".
>
>KLM> Does jBoss propagate the caller principal per the EJB spec?
>Yes.
>
>KLM> If so, how can my client set it initially?
>The simplest way: call
>org.jboss.system.SecurityAssociation.setPrincipal()
>on client.
>
>Other way: use JAAS, see
>http://www.mail-archive.com/[email protected]/msg04170.h
tml
>
>Sorry, the documentation on this topic is not ready yet.
>
>Best regards,
> Oleg
>
>
>
>
>--
>--------------------------------------------------------------
>To subscribe: [EMAIL PROTECTED]
>To unsubscribe: [EMAIL PROTECTED]
>Problems?: [EMAIL PROTECTED]
>
>
--
--------------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Problems?: [EMAIL PROTECTED]
