wood burning stoves 2.0*
The moose likes EJB and other Java EE Technologies and the fly likes JAAS and EJB Server authorization Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Java » EJB and other Java EE Technologies
Bookmark "JAAS and EJB Server authorization" Watch "JAAS and EJB Server authorization" New topic
Author

JAAS and EJB Server authorization

huzefa kalyaniwala
Greenhorn

Joined: Oct 11, 2003
Posts: 2
Hi,
basically what i want to know is from where does the method of EJBContext, getCallerPrincipal() return the principal from? I am using JAAS for WEB Server authentication. After authentication, i populate the Subject with more than 1 principals, out of which some are the roles the logged in user is allowed to play. In this case what would the getCallerPrincipal() method return me ?
Sri Basavanahally
Ranch Hand

Joined: Oct 07, 2003
Posts: 75
getCallerPrincipal() will return you the caller that invoked the EJBObject.(As defined by <security-role-ref> tags in your deployment descriptor.


UP THE IRONS !
huzefa kalyaniwala
Greenhorn

Joined: Oct 11, 2003
Posts: 2
Hi,
Thanx buddy ...
But can U just give some information about the tags U mention ...
And also, currently I have some proto code, which passes the principal to the EJB Container while getting the Initial Context ... and i presume .. this is what the Container returns me thru the EntityContext or SessionContext .. am I right?
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: JAAS and EJB Server authorization
 
Similar Threads
Security Question about Handle class
Authentication with swing client
JAAS with stateless beans
How to get login name ???
FORM and BASIC authentication in the same web app