3 Replies Latest reply on Nov 5, 2002 9:10 AM by shack

Securityproxy and external applications

kakoni Nov 4, 2002 4:17 AM

Our beans are being "protected" by customized security proxy, and now I've got the following problem:

If the call to these bean is being made from "external" application, how can I provide securityproxy/loginmodule with needed principal info..? Is there a way to put this information into initialcontext object, where login module could look it up or?

1. Re: Securityproxy and external applications

shack Nov 5, 2002 6:44 AM (in response to kakoni)

First of all, you have to put the principal in your client application into a org/jboss/security/SecurityAssociation object. With each request from your application, JBoss will automatically receive the user principal.

After that you can call EJBContext.getCallerPrincipal() in your security proxy. It's just the same way you use it inside an EJB.
Actions
2. Re: Securityproxy and external applications

shack Nov 5, 2002 6:46 AM (in response to kakoni)

First of all, you have to put the principal in your client application into a org/jboss/security/SecurityAssociation object. With each request from your application, JBoss will automatically receive the user principal.

After that you can call EJBContext.getCallerPrincipal() in your security proxy. It's just the same way you use it inside an EJB.
Actions
3. Re: Securityproxy and external applications

shack Nov 5, 2002 9:10 AM (in response to kakoni)

First of all, you have to put the principal in your client application into a
org/jboss/security/SecurityAssociation object. With each request from your
application, JBoss will automatically receive the user principal.

After that you can call EJBContext.getCallerPrincipal() in your security proxy.
It's just the same way you use it inside an EJB.
Actions

Go to original post