You are on the right track. SecurityUtils.getSubject().getSession().getId() will return the session ID. You can automate the sessionID transfers by using EJB interceptors. The code I posted before can be used to keep Shiro / EJB security context between multiple remote EJBs
On May 27, 2014, at 9:58 AM, P82 wrote: > And again thank you for your time. When you answered me I was thinking how > shiro distinguish users on the server side (as it's the very important > issue). > If I understand you right I can do according to such algorithm: > 1)from standalone client I call some EJB which have method something like > this public String getSessionId(name,pass). If name and pass are correct it > returns sessionId otherwise null. > 2)after that every time I call EJB I call public ... > ejbMethod(sessionId,ejbParam) > If I am right then I can't find one thing how to getSessionId from > SecurityManager at step one and setSessionId at step two. Can you help me? > > > > -- > View this message in context: > http://shiro-user.582556.n2.nabble.com/Glassfish-4-EJB-Shiro-OSGI-standalone-client-tp7579977p7579985.html > Sent from the Shiro User mailing list archive at Nabble.com. >
