5 Replies Latest reply on Oct 25, 2002 8:34 PM by wolfftw

    Why does SB context.getCallerPrincipal() return instance of

    rixc

      My secured session bean works fine except for the above problem. In my login module I am creating my on principal, com.test.TestPrincipal, but in my session bean I get an instance of org.jboss.security.SimplePrincipal instead. Is this normal? Is it possible to have the getCallerPrincipal return TestPrincipal?

      What is wierd is that the name was correctly set in the SimplePrincipal.

      Can anyone explain this?

      Ricardo

        • 1. Re: Why does SB context.getCallerPrincipal() return instance
          nuts

          I have the same problem. I have a specific Principal and I can't retrives it in a EJB...

          But I'have founded a solution. You can use the Security Manager like:

          ///////////////////////////////////////////////////
          // Get the security manager
          Context ctx = new InitialContext(wProperties);
          org.jboss.security.plugins.JaasSecurityManager wSecurity = (org.jboss.security.plugins.JaasSecurityManager)ctx.lookup("java:/jaas/MySecurityDomain");

          // Find the active principal...
          javax.security.auth.Subject wSubject = wSecurity.getActiveSubject();
          java.util.Set wMyPrincipals = wSubject.getPrincipals(com.st.test.ejb.security.MyPrincipal.class);

          if (wMyPrincipals.size() > 0) {
          com.st.test.ejb.security.MyPrincipal wMyPrincipal = (com.st.test.ejb.security.MyPrincipal)wMyPrincipals.toArray()[0];
          }
          ///////////////////////////////////////////////////

          Please, try it and tell if it works good because I don't have experience with JBOSS and I'm not sure about this solution...

          Nuts

          • 2. Re: Why does SB context.getCallerPrincipal() return instance
            nuts

            I have the same problem. I have a specific Principal and I can't retrives it in a EJB...

            But I'have founded a solution. You can use the Security Manager like:

            ///////////////////////////////////////////////////
            // Get the security manager
            Context ctx = new InitialContext(wProperties);
            org.jboss.security.plugins.JaasSecurityManager wSecurity = (org.jboss.security.plugins.JaasSecurityManager)ctx.lookup("java:/jaas/MySecurityDomain");

            // Find the active principal...
            javax.security.auth.Subject wSubject = wSecurity.getActiveSubject();
            java.util.Set wMyPrincipals = wSubject.getPrincipals(com.st.test.ejb.security.MyPrincipal.class);

            if (wMyPrincipals.size() > 0) {
            com.st.test.ejb.security.MyPrincipal wMyPrincipal = (com.st.test.ejb.security.MyPrincipal)wMyPrincipals.toArray()[0];
            }
            ///////////////////////////////////////////////////

            Please, try it and tell if it works good because I don't have experience with JBOSS and I'm not sure about this solution...

            Nuts

            • 3. Re: Why does SB context.getCallerPrincipal() return instance
              nuts

              I have the same problem. I have a specific Principal and I can't retrives it in a EJB...

              But I'have founded a solution. You can use the Security Manager like:

              ///////////////////////////////////////////////////
              // Get the security manager
              Context ctx = new InitialContext(wProperties);
              org.jboss.security.plugins.JaasSecurityManager wSecurity = (org.jboss.security.plugins.JaasSecurityManager)ctx.lookup("java:/jaas/MySecurityDomain");

              // Find the active principal...
              javax.security.auth.Subject wSubject = wSecurity.getActiveSubject();
              java.util.Set wMyPrincipals = wSubject.getPrincipals(com.st.test.ejb.security.MyPrincipal.class);

              if (wMyPrincipals.size() > 0) {
              com.st.test.ejb.security.MyPrincipal wMyPrincipal = (com.st.test.ejb.security.MyPrincipal)wMyPrincipals.toArray()[0];
              }
              ///////////////////////////////////////////////////

              Please, try it and tell if it works good because I don't have experience with JBOSS and I'm not sure about this solution...

              Nuts

              • 4. Re: Why does SB context.getCallerPrincipal() return instance

                Must custom login module descends from AbstractServerLoginModule and implements the getRoleSets() method as follows. Notice the group I add called CallerPrincipal. This causes my custom principal to be returned from calls to sessionContext.getCallerPrincipal()


                // create a HashMap to hold the groups as they are created
                HashMap oGroups = new HashMap();


                // ************************************

                // Set the Principal class returned from a call to getCallerPrincipal()
                Group oCallerPrincipalGroup = new SimpleGroup("CallerPrincipal");
                oCallerPrincipalGroup.addMember( getIdentity() ); // add your principal here
                oGroups.put( "CallerPrincipal", oCallerPrincipalGroup );

                // *************************************


                // Loop through the RowSet and create the Groups
                do
                {

                // Get the Role and RoleGroup from the RowSet
                String sRoleGroup = oRowSet.getString( "ApplicationRoleGroup" );
                String sRole = oRowSet.getString( "ApplicationRoleCode" );

                getLogger().inspect( "RoleGroup", sRoleGroup );
                getLogger().inspect( "Role", sRole );

                // Check to see if the Group has already been created
                Group oGroup = (Group)oGroups.get( sRoleGroup );
                if( oGroup == null )
                {
                oGroup = new SimpleGroup( sRoleGroup );
                oGroups.put( sRoleGroup, oGroup );
                }

                // Add this role to the group
                oGroup.addMember( new SimplePrincipal(sRole) );

                }
                while( oRowSet.next() );

                // create and populate the Group array
                Group[] aGroups = new Group[ oGroups.size() ];
                oGroups.values().toArray( aGroups );

                // Finally return the Groups
                return aGroups;

                • 5. Re: Why does SB context.getCallerPrincipal() return instance
                  wolfftw

                  jmoring,

                  Are you using 3.0.3? If you could attach your complete LoginModule ... perhaps I'm leaving something simple out. I've created the "CallerPrincipal" group, but still get the SimplePrincipal from the EJBContext. I've been battling this for two days now. Thanks!