I am trying out to implement security in EJB3, with stand alone client. Here is the code.
When I print "name" property of principal in bean, I am not getting the name I had set in the NameCallback. Is there any flaw in this implementation? I am having this doubt because I am not prompting for userName and password in callback handler. Instead I am directly passing userName and password in the constructor. Is this implementation legal? I have done this because, I want to integrate this in the servlet later. I am not using J2EE authentication in the web layer and I need to use EJB security.
I need to integrate authentication to EJB quickly. Can someone please explain how and when Principal is set before EJB method is called? I read in many of the books but didn't find appropriate explanation any where..