This week's giveaway is in the EJB and other Java EE Technologies forum.
We're giving away four copies of EJB 3 in Action and have Debu Panda, Reza Rahman, Ryan Cuprak, and Michael Remijan on-line!
See this thread for details.
The moose likes EJB and other Java EE Technologies and the fly likes JAAS and EJB Server authorization Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of EJB 3 in Action this week in the EJB and other Java EE Technologies forum!
JavaRanch » Java Forums » Java » EJB and other Java EE Technologies
Bookmark "JAAS and EJB Server authorization" Watch "JAAS and EJB Server authorization" New topic
Author

JAAS and EJB Server authorization

huzefa kalyaniwala
Greenhorn

Joined: Oct 11, 2003
Posts: 2
Hi,
basically what i want to know is from where does the method of EJBContext, getCallerPrincipal() return the principal from? I am using JAAS for WEB Server authentication. After authentication, i populate the Subject with more than 1 principals, out of which some are the roles the logged in user is allowed to play. In this case what would the getCallerPrincipal() method return me ?
Sri Basavanahally
Ranch Hand

Joined: Oct 07, 2003
Posts: 75
getCallerPrincipal() will return you the caller that invoked the EJBObject.(As defined by <security-role-ref> tags in your deployment descriptor.


UP THE IRONS !
huzefa kalyaniwala
Greenhorn

Joined: Oct 11, 2003
Posts: 2
Hi,
Thanx buddy ...
But can U just give some information about the tags U mention ...
And also, currently I have some proto code, which passes the principal to the EJB Container while getting the Initial Context ... and i presume .. this is what the Container returns me thru the EntityContext or SessionContext .. am I right?
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: JAAS and EJB Server authorization
 
Similar Threads
Authentication with swing client
Security Question about Handle class
JAAS with stateless beans
How to get login name ???
FORM and BASIC authentication in the same web app