1 Reply Latest reply on May 2, 2008 12:29 PM by lent

    EJB Session Context Returns Incorrect Principal With Custom

    lent

      Hello,

      I'm using JBoss Application Server 4.0.5GA.

      I wrote a custom login module which accepts either the user credentials or accepts a token which they still pass through the username/password fields. In my login module, when I detect that a token is being passed in, I retrieve the user associated with the token and then log in as that user. The user is logged in properly and the correct user (Principal) is returned from the Subject retrieved from PolicyContext and security checks are performed correctly based on this user. However, if I call SessionContext.getPrincipal, then the Principal returned is one based on the passed-in credentials (in this case the token itself) instead of being the logged-in user.

      Can anyone shed light on this behaviour? Is there something special that I have to do to ensure that SessionContext has the correct Principal?

      Regards,
      Len Takeuchi