RE: [JBoss-user] :-| Security Roles

Fri, 01 Jun 2001 08:48:56 -0700 

:-) Thanks for your time...

Lewis

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Scott M
Stark
Sent: 01 June 2001 16:43
To: [EMAIL PROTECTED]
Subject: Re: [JBoss-user] :-| Security Roles


The JBossSX chapter describes the security manager details. There
are no security restrictions to accessing JNDI currently. If you are running
with a security manager then there are permissions required to
access the Subject information. A sample for iterating the roles
assigned to the current user for an EJB secured under the a security-domain
element value of java:/jaas/mySecureDomain is:

import java.security.acl.Group;
import javax.security.auth.Subject;
import org.jboss.security.SubjectSecurityManager;

    InitialContext ctx = new IntialContext();
    SubjectSecurityManager secMgr = (SubjectSecurityManager)
ctx.lookup("java:/jaas/mySecureDomain");
    Subject subject = secMgr.getActiveSubject();
    Set subjectGroups = subject.getPrincipals(Group.class);
    Iterator iter = subjectGroups.iterator();
    Enumeration userRoles = null;
    while( iter.hasNext() )
    {
        Group grp = (Group) iter.next();
        String name = grp.getName();
        if( name.equals("Roles") )
       {
            userRoles = grp.members();
            break;
        }
    }


----- Original Message -----
From: "Lewis Henderson" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, June 01, 2001 8:07 AM
Subject: RE: [JBoss-user] :-| Security Roles


> This method is great for me...Security is one of the non-standard areas of
> J2EE app servers that I have to resort to a 'server-specific' module...
>
> Can you give me any pointers as to where I should start looking to do
> this...or do you have a sample?
>
> As this is accessed via a JNDI lookup, are there any security issues as to
> who can see what that I should know about?
>
>
> Lewis
>



_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-user


_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-user

Reply via email to