-
1. Re: How to getRoles() from Session EJB
wdrai Oct 20, 2003 4:09 AM (in response to ebdr)The only way I've found to do this is:
Subject subject = SecurityAssociation.getSubject();
Set principals = subject.getPrincipals(java.security.acl.Group.class);
..iterate to find the group named 'Roles'
group.getMembers() then contains a list of Principals which names are the role names.
It is JBoss-specific but the EJB spec does not provide a standard way for retrieving role names.
Hope this helps.
William -
2. Re: How to getRoles() from Session EJB
juha Oct 20, 2003 5:41 AM (in response to ebdr)Yes SecurityAssociation is correct.
-
3. Re: How to getRoles() from Session EJB
ebdr Oct 20, 2003 12:11 PM (in response to ebdr)great thank you very much.....
Eric -
4. Re: How to getRoles() from Session EJB
ebdr Oct 21, 2003 9:56 PM (in response to ebdr)Hi,
It seems that this code is giving me inconsistant results.
Subject subject = SecurityAssociation.getSubject();
sometimes returns null or the improper subject. This is a big problem for me since unauthenticated users will sometimes be seen as authenticated.
I have noticed that if no users have logged in, then no unpredictable results occur. But if, user A (browser on separate machine) logs in, then user B (unauthenticated) will sometimes take on the identity of user A.
Here is my code (it lives in a stateless session bean):
public Vector getRoles() {
Vector roles = new Vector();
String principal = null;
if (SecurityAssociation.getPrincipal() == null) {
principal = this.sessionCtx.getCallerPrincipal().getName();
} else {
principal = SecurityAssociation.getPrincipal().getName();
}
Subject subject = SecurityAssociation.getSubject();
if (subject == null) {
log.debug("subject is NULL for: "+principal);
roles.add("guest");
return roles;
}
Set principals = subject.getPrincipals(Group.class);
// iterate to find the group named 'Roles'
Iterator it = principals.iterator();
while (it.hasNext()) {
Group group = (Group) it.next();
if ("Roles".equals(group.getName())) {
Enumeration enum = group.members();
while (enum.hasMoreElements()) {
Principal role = (Principal) enum.nextElement();
roles.add(role.getName());
}
}
}
return roles;
}
thank you again for your help.
Best regards,
Eric -
5. Re: How to getRoles() from Session EJB
ebdr Oct 22, 2003 4:23 PM (in response to ebdr)found the answer in this thread, thank you very much:
http://www.jboss.org/modules/bb/index.html?module=bb&op=viewtopic&t=