Win a copy of The Java Performance Companion this week in the Performance forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

JAAS and EJB Server authorization

 
huzefa kalyaniwala
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
basically what i want to know is from where does the method of EJBContext, getCallerPrincipal() return the principal from? I am using JAAS for WEB Server authentication. After authentication, i populate the Subject with more than 1 principals, out of which some are the roles the logged in user is allowed to play. In this case what would the getCallerPrincipal() method return me ?
 
Sri Basavanahally
Ranch Hand
Posts: 75
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
getCallerPrincipal() will return you the caller that invoked the EJBObject.(As defined by <security-role-ref> tags in your deployment descriptor.
 
huzefa kalyaniwala
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
Thanx buddy ...
But can U just give some information about the tags U mention ...
And also, currently I have some proto code, which passes the principal to the EJB Container while getting the Initial Context ... and i presume .. this is what the Container returns me thru the EntityContext or SessionContext .. am I right?
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic