Hello!
We have to authenticate a user against a Host-System but we do not want to implement a resource adapter for this.
The idea was to write a LDAP LoginModule to read the login information for the host system and serve this info in the credentials of the subject.
We didn't find a solution how to access the subject within an EJB method.
First question: Is this allowed in the security sense?
Tried following:
public String echo(String arg)
{
AccessControlContext acc = AccessController.getContext();
System.out.println("got acc: " + acc);
acc.checkPermission(new AuthPermission("getSubject"));
Subject subj = Subject.getSubject(acc);
System.out.println("got Subject: " + subj);
System.out.println("StatelessSessionBean.echo, arg="+arg);
Principal p = sessionContext.getCallerPrincipal();
System.out.println("StatelessSessionBean.echo, callerPrincipal="+p);
return arg;
}
Second question: Could this work?
It does not. We got an ACC, but the returned Subject was null.
Thx for your time.
// Torben