1 Reply Latest reply on Oct 7, 2011 8:05 AM by ccob

Problem propagating WS-Security to EJB3 security

ccob Oct 6, 2011 12:08 PM

Hi,

I am in the process of moving a AS6 compatible project over to AS7. Part of this project involves as EJB3 based web service with WS-Security, SecurityDomain and RolesAllowed for method security.

I have a custom CXF interceptor that handles the authentication using Picketbox via SecurityFactory.establishSecurityContext. From this I then get a SecurityContext to finally getting an AuthenticationManager.

Authenticating with the AuthenticationManager works via the configured SecurityDomain within standalone.xml via the DatabaseServerLoginModule but I am having problems propagating the subject down to EJB3 security. On AS6 I used SecurityAdaptor.pushSubjectContext method, but the method doesn't exist on AS7.

How should one propagate a subject authenticated via AuthenticationManager down to EJB3 as currently I still get an EJBAccessException.

Thanks.

1. Re: Problem propagating WS-Security to EJB3 security

ccob Oct 7, 2011 8:05 AM (in response to ccob)
I figured it out in the end just in case others would like to know the answer. Intially I was using

SecurityFactory.establishSecurityContext("securitydomain");

to retreive a SecurityContext to make a call to

getUtil().createSubjectInfo(principal, password, subject);

But this didn't seem to propagate down to EJB and the prinicpal still ended up being the anonymous principal name. By using

SecurityContextAssociation.getSecurityContext();

to retrieve the SecurityContext instead of using the SecurityFactory's establishSecurityContext method, and then calling the createSubjectInfo as before, the principal propagate correctly as expected.
Actions