4 Replies Latest reply on Oct 3, 2002 12:58 PM by sumetpong

JAAS - Programmatic access to Subject

chrisgerrard Apr 4, 2002 5:09 PM

Is there any way I can get access to the authenticated Subject from my application code running in JBoss?
This particular code is neither a Servlet nor an EJB, therefore doesn't have access to the HttpServletRequest or EJBContext mechanisms for retrieving this (user) information.
In our case we need to be able to determine the current user's identity in order to be able the retrieve some personalization stuff. FWIW the new Java 1.4 Preferences interface exposes methods which don't accept user/Subject parameters & so the implication seems to be that implementations need to have some mechanism for determining user identity information.
I'm aware of the Security Proxies available in JBoss, but can't see how they'd be of real use in this circumstance.
Thanks, sorry for the length.

1. Re: JAAS - Programmatic access to Subject

basil Apr 26, 2002 4:17 PM (in response to chrisgerrard)

The article 'http://www.javaworld.com/javaworld/jw-02-2002/jw-0215-ejbsecurity_p.html' says the following:

"Subject-based authorization
If you use the standard JBoss JaasSecurityManager to handle your security, then you can obtain the currently active JAAS Subject as an alternative to calling EJBContext methods. The subject is an instance of javax.security.auth.Subject that is set for the invocation. You can use JNDI (Java Naming and Directory Interface) to obtain a reference to it, as follows:

InitialContext ic = new InitialContext();
Subject subject = (Subject)ic.lookup("java:comp/env/security/subject");
"

I hope this helps.

- Basil
Actions
2. Re: JAAS - Programmatic access to Subject

joe543 Apr 26, 2002 6:01 PM (in response to chrisgerrard)

Hi,

tc3.2.3+jboss241

Can anyone tell me why I get 'subject not bound' when I try the above approach?

[UserWelcomeAction] perform()!
[Default] javax.naming.NameNotFoundException: subject not bound
According to the jboss manual, jboss binds the subject. What am I missing?

Joe
Actions
3. Re: JAAS - Programmatic access to Subject

chrisgerrard May 3, 2002 7:27 PM (in response to chrisgerrard)

I've used this code in a SLSB and it's worked OK so far.
The JavaWorld article is worth reading.
Actions
4. Re: JAAS - Programmatic access to Subject

sumetpong Oct 3, 2002 12:58 PM (in response to chrisgerrard)

I am able to get subject. I get the principals but privateCredentials is null.

I use LDAP Login Module and I need to privateCredentials

what am I doing wrong ?
Actions

Go to original post