| Author |
Security Context Propagation
|
Tibor Hegyi
Greenhorn
Joined: May 13, 2002
Posts: 8
|
|
Hi,
I have an enterprise app installed under weblogic 8.1 that uses J2EE security. We log into the web container (j_security_check), the security context (SC1) is properly propagated to the ejb container. So far so good.
From an EJB, I must call another EJB in a remote application server that is Weblogic 7.0.4. To do this I explicitely specify the parameters to open the InitialContext on the remote server. These parameters are Context.PROVIDER_URL, Context.INITIAL_CONTEXT_FACTORY, Context.SECURITY_PRINCIPAL and Context.SECURITY_CREDENTIALS.
The remote weblogic server does not know the security context in the local weblogic server (SC1), this is why I specify the principal/credentials pair that is valid on the remote server.
I can create the InitialContext, I can lookup the Home interface of the EJB in the remote server, but when I call homeObj.create() to create a Stub to an EJB instance, the remote server throws a "java.lang.SecurityException: Invalid Subject, principals=[<principals from the local weblogic server>]".
Which means that the local security context is propagated to the remote weblogic server, although I have explicitely specified it as the parameters to the InitialContext.
Can anybody help me to solve this problem?
Thanks in advance, I hope the above description is clear enough.
Tibor
|
 |
Karthik Guru
Ranch Hand
Joined: Mar 06, 2001
Posts: 1209
|
|
|
Uhhm. Did you close the remote jndi context after the look up on the remote machine? If you have closed it, then yes, the local user credentials will be passed.
|
|
 |
|
|
subject: Security Context Propagation
|
|
|
0
