> Is there a J2EE specified way of propagating a logged in Subject from
> thread to thread in a client?
...
>
> I would like to do the same thing in JBoss, but in a portable way.
> I.e., it would be best if this would work in WebLogic and other app
> servers too.
>
There is no standard mechanism for this defined in the EJB or J2EE spec.
There is not even a standard mechanism for authenticating a user. It
looks like J2EE will support JAAS in the future, but as of the latest 1.3pfd
this is an optional requirement.
> A candidate solution would be to incorporate Unix-like propagation in a
> trivial server side login module that does no authentication when run
> from "root" (JBoss JMX). I could store the Subject in an
> InheritableThreadLocal and simply propagate its principals/credentials
> to JBoss'es per-thread Subjects whenever requested. This seems a little
> awkward and inefficient, though. Also, I don't want to do anything that
> overlooks some standard approach of which I am unaware.
>
> Any thoughts/comments?
>
Unless you are the one deploying all of the EJBs, etc. that your service is
going to interact with in this fashion you don't have the ability to install such
a noop authentication login module. If you are the deployer of the JBoss
resources then you can setup such a security policy.
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-user