Hi, Christian! I have questions about getting the authentication result in a place different of where we do authentication. There is such description of Subject.getSubject method In Javadoc:
*Get the Subject associated with the provided AccessControlContext. The AccessControlContext may contain many Subjects (from nested doAs calls). In this situation, the most recent Subject associated with the AccessControlContext is returned.* So we can get that: 1. there is no any Subject in AccessControlContext, if we don't call any secured method. It means, that just after a simple LoginContext.login() we can't get a Subject from AccessControlContext. 2. If other Subject calls some secured method in the same thread, it replaces the current Subject in AccessControlContext, and the result of Subject.getSubject() will be different. Thanks! Pavel cschneider wrote > There is one more thing you should look into. Quite often you will need > the authentication result in a place different from the place where you > do the authentication. > Passing the subject around is not very effective. > > Luckily there is a quite unknown way in JAAS to do this: > > AccessControlContext acc = AccessController.getContext(); > Subject subject = Subject.getSubject(acc); > > This allows to get the subject at any place in your code. ----- Pavel -- View this message in context: http://karaf.922171.n3.nabble.com/Security-in-Module-tp4039307p4040437.html Sent from the Karaf - User mailing list archive at Nabble.com.
