Re: [JBoss-user] getCallerPrincipal problems

Tue, 02 Oct 2001 02:49:57 -0700 

Maybe this article will help with some confusion:
http://www.javaworld.com/javaworld/jw-08-2001/jw-0831-jaas.html

If your running Tomcat outside of JBoss then you have to write your
own request interceptor to pass the web container authentication information
to the EJB request layer. In this case Tomcat is just an EJB client and the
request interceptor could to a JAAS login()/logout() on each request, but
that would not be very efficient. Instead you can do what the
ClientLoginModule
is doing:

import org.jboss.security.SecurityAssociation;
import org.jboss.security.SimplePrincipal;

    String username = request_username;
    char[] credential = request_password;
    SecurityAssociation.setPrincipal(new SimplePrincipal(username));
    SecurityAssociation.setCredential(credential);

xxxxxxxxxxxxxxxxxxxxxxxx
Scott Stark
Chief Technology Officer
JBoss Group, LLC
xxxxxxxxxxxxxxxxxxxxxxxx
----- Original Message -----
From: "Alistair Black" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, October 02, 2001 1:14 AM
Subject: [JBoss-user] getCallerPrincipal problems


> Hi,
>
> I've come from a Sybase EA Server background where I was able to code a
> custom module to authenticate the user connection. I'd like to be able to
do
> the same with JBoss which I'm piloting at present. The authentication
> involves calling an EJB from the custom module. We're using Tomcat outside
> of the container with JBoss 2.4.1, and an Apache web server at the front
> end.
>
> To get JAAS to work do I need to have Tomcat running within JBoss? If I do
> this, can I still use Apache at the front end? My assumptions come from
the
> need to use the LoginContext and I can't see how I can get this to work
> outside of the JBoss wrapper.
>
> The bare minumum requirement I have at present is to enable the use of
> getCallerPrincipal() from with EJBs to obtain the user name. We we were
> using this within EA Server without the need for a JAAS login prior to
> obtaining the InitialContext within the clients.
>
> I've tried to implement the various Login Modules within the JBossSX but
> with little success - presumably due to the lack of LoginContext. Is there
a
> way to by pass this at all?
>
> Any help will be really appreciated.
>
> Confused
>
> Alistair
>
>
> _______________________________________________
> JBoss-user mailing list
> [EMAIL PROTECTED]
> https://lists.sourceforge.net/lists/listinfo/jboss-user
>


_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user

Reply via email to