Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Cloud/Virtualization forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

java thin client login in Websphere

 
Justin joseph
Greenhorn
Posts: 27
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Currently we are using Weblogic application server. In the client side we have a JAAS Login module (Custom) which calls Authenticate.authenticate() (Weblogic custom class) which initiates a JAAS login at the server. I need to add my on additional information to the principal and return it form server, after successfull login. After login the subject, with my principal, is avialable at the client side and it is passed on every EJB invocation, which enables me to call getCallerPrincipal() on context to retrieve my Custom Principal and do programmatic authorization. It works fine with weblogic.
In JBoss, which is our development server for the time being, i wrote a custom security interceptor which initiates jaas login at server and used SecurityAssociation class(JBoss) to propagate client subject with every ejb invocation. that too works fine. Now i'm porting my application to Websphere. Infact application requires no porting but security module does.

i want to implement same logic for security here. client initiates a jaas login. the login module should be able to start jass login at server and return my subject, which will be associated with my ejb invocation context. (ThreadContextImpl.set_thread_subject() is also fine for me.)

is there any way, by which i can implement this in websphere?
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic