Hi, I'm trying out what you've created, but there's one thing that seems to be missing: org.apache.openejb.BeanContext
Couldn't find this one on any of the OpenEJB 3.1.4 release jars. Would this be available with some other openejb jar that I haven't downloaded, or could this be replaced with the DeploymentInfo object? David Blevins-2 wrote: > > I had a look at the SpnegoHttpFilter source and it seems the primary thing > they're doing is wrapping the HttpServletRequest with a > SpnegoHttpServletRequest -- I'm guessing to alter the behavior of the > getUserPrincipal() method. > > I did some digging into Tomcat on the various ways you can redirect and it > looks like RequestDispatcher.forward() will preserve the original http > request and response. So setting up the SpnegoHttpFilter against a > servlet (or another filter) that uses a RequestDispatcher.forward() to > forward to the webservice should do the trick. > > That should get you the same service you would get in any other EE impl. > > I think it could be better. Wrapping the servlet request and overriding > that one method isn't going to get that totally unified "feel" as when you > travel into EJB land which also has a getCallerPrincipal method as well as > method based security via @RolesAllowed, the "wrap the servletrequest" > trick isn't going to have any effect. > > I hacked you up a little Spnego security service for OpenEJB based on our > Tomcat security service. No reason to have OpenEJB setup to use the > Tomcat security Realm APIs when Spnego doesn't use them. Better to have > OpenEJB just use the work the SpnegoFilter did. Not tested but should > work > > https://gist.github.com/1096823 > > Primary thing is to make sure the SpnegoSecurityServiceFilter is run after > the SpnegoFilter. Then move this jar and the spnego jars into either the > tomcat/lib/ dir or the tomcat/webapps/openejb/lib/ dir. > > Hope this helps! > > > -David > -- View this message in context: http://openejb.979440.n4.nabble.com/Tomcat-Servlet-Filters-or-Valves-and-OpenEJB-tp3680204p3683269.html Sent from the OpenEJB User mailing list archive at Nabble.com.
