0 Replies Latest reply on Mar 4, 2008 9:09 AM by ejb3workshop

    Using custom principal class with JBossWS

    ejb3workshop
    ejb3workshop Mar 4, 2008 9:09 AM

      I would like to use my own Principal class with my own LoginModule. I configured the LoginModule in login-config.xml and annotated by SLSB as follows :

      @Stateless(name="JobAPIWeb")
@WebService(name="JobAPIWeb", portName="...Port", serviceName="JobAPIWebService", targetNamespace="...")
@EndpointConfig(configName = "Standard WSSecurity Endpoint")
@SecurityDomain(value="THZone")
@SOAPBinding(style = SOAPBinding.Style.DOCUMENT, use = SOAPBinding.Use.LITERAL, parameterStyle = SOAPBinding.ParameterStyle.BARE)
public class JobAPIWeb implements JobAPIWebRemote {
...


      Authentication takes place, however when I try to access the principal via 

      m_sessionContext.getCallerPrincipal().getClass().getName()


      it presents me with a org.jboss.ws.extensions.security.SimplePrincipal, rather then my own class returned in the LoginModules commit method.

      My search so far led me to ReceiveUsernameOperation in which the UserNameToken is converted to a SimplePrincipal.

      http://fisheye.jboss.com/browse/JBossWS/trunk/jbossws-core/src/main/java/org/jboss/ws/extensions/security/ReceiveUsernameOperation.java?r=4023


      Are there any configuration options which would allow me to access the principal object as it is returned by my LoginModule.

      Thanks in advance.
      Alex

      • 637 Views
      • Tags: