The JBossSX chapter describes the security manager details. There
are no security restrictions to accessing JNDI currently. If you are running
with a security manager then there are permissions required to
access the Subject information. A sample for iterating the roles
assigned to the current user for an EJB secured under a security-domain
element value of java:/jaas/mySecureDomain is:

import java.security.acl.Group;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.Set;
import javax.naming.InitialContext;
import javax.security.auth.Subject;
import org.jboss.security.SubjectSecurityManager;

    // Look up the security manager bound for the security domain
    InitialContext ctx = new InitialContext();
    SubjectSecurityManager secMgr = (SubjectSecurityManager)
        ctx.lookup("java:/jaas/mySecureDomain");
    // Subject of the currently authenticated caller
    Subject subject = secMgr.getActiveSubject();
    Set subjectGroups = subject.getPrincipals(Group.class);
    Iterator iter = subjectGroups.iterator();
    Enumeration userRoles = null;
    // The user's roles are the members of the Group named "Roles"
    while( iter.hasNext() )
    {
        Group grp = (Group) iter.next();
        String name = grp.getName();
        if( name.equals("Roles") )
        {
            userRoles = grp.members();
            break;
        }
    }


----- Original Message ----- 
From: "Lewis Henderson" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, June 01, 2001 8:07 AM
Subject: RE: [JBoss-user] :-| Security Roles


> This method is great for me...Security is one of the non-standard areas of
> J2EE app servers that I have to resort to a 'server-specific' module...
> 
> Can you give me any pointers as to where I should start looking to do
> this...or do you have a sample?
> 
> As this is accessed via a JNDI lookup, are there any security issues as to
> who can see what that I should know about?
> 
> 
> Lewis
> 



_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-user