1 Reply Latest reply on Nov 28, 2011 8:11 AM by bysse

    Getting wrong CallerPrincipal from SessionContext

    bysse

      I'm having problems with a custom login module in JBoss 6.0.0 Final.

      What it's doing is authenticating the user with LDAP and then using another username in the returned principal (legacy support, why else?).

      So basically:

      1. Get LDAP credentials with the callbacks (username A)
      2. Authenticate against LDAP
      3. Create identity with username B
      4. Create roleset with Roles and CallerPrincipal
      5. Done

       

      So far everything works fine, but when I call SessionContext.getCallerPrincipal from an EJB I get a principal with username A.

      SecurityAssociation.getSubject() will return a subject with the correct Principals, i.e. username B.

       

      Does anyone have any idea of why this is happening?

       

      Thanks

        • 1. Re: Getting wrong CallerPrincipal from SessionContext
          bysse

          I solved my problem by using:

           

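          import javax.security.auth.Subject;
          import javax.security.jacc.PolicyContext;
          import javax.security.jacc.PolicyContextException;

          // Hypothetical wrapper class so the snippet compiles on its own
          public class CallerSubjectLookup {
              /** The JACC PolicyContext key for the current Subject */
              private static final String SUBJECT_CONTEXT_KEY = "javax.security.auth.Subject.container";

              /** Returns the authenticated Subject the container holds for the current call */
              public static Subject getCallerSubject() throws PolicyContextException {
                  Subject caller = (Subject) PolicyContext.getContext(SUBJECT_CONTEXT_KEY);
                  return caller;
              }
          }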

           

          From the http://community.jboss.org/wiki/SecurityFAQ Question #9.
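
Added example, not part of the original post or of JBoss: a helper that takes the Subject returned by the JACC lookup in the reply and pulls out the caller identity (username B), so that access checks and audit records are keyed on the mapped user rather than the LDAP login name. It assumes the login module stores that identity in a group named "CallerPrincipal", as in step 4 of the question; `CallerPrincipalResolver`, `DemoGroup` and the sample names are hypothetical.

```java
import java.security.Principal;
import java.security.acl.Group; // needs a JDK that still ships java.security.acl
import java.util.ArrayList;
import java.util.Collections;
import java.util.Enumeration;
import java.util.List;
import javax.security.auth.Subject;

public class CallerPrincipalResolver {
    /** Member of the "CallerPrincipal" group, else first non-Group principal, else null. */
    static Principal resolve(Subject subject) {
        if (subject == null) return null; // no authenticated Subject for this call
        for (Group g : subject.getPrincipals(Group.class)) {
            if ("CallerPrincipal".equals(g.getName())) {
                Enumeration<? extends Principal> m = g.members();
                if (m.hasMoreElements()) return m.nextElement();
            }
        }
        for (Principal p : subject.getPrincipals()) {
            if (!(p instanceof Group)) return p; // fallback: plain user principal
        }
        return null;
    }

    /** Constructed stand-in for the login module's group class (hypothetical). */
    static class DemoGroup implements Group {
        private final String name;
        private final List<Principal> members = new ArrayList<>();
        DemoGroup(String name, String... names) {
            this.name = name;
            for (String n : names) members.add(() -> n);
        }
        public String getName() { return name; }
        public boolean addMember(Principal p) { return members.add(p); }
        public boolean removeMember(Principal p) { return members.remove(p); }
        public boolean isMember(Principal p) { return members.contains(p); }
        public Enumeration<? extends Principal> members() { return Collections.enumeration(members); }
    }

    public static void main(String[] args) {
        // Constructed Subject shaped like steps 3-4 of the question: identity B plus role groups.
        Subject s = new Subject();
        s.getPrincipals().add(new DemoGroup("Roles", "legacy-user"));
        s.getPrincipals().add(new DemoGroup("CallerPrincipal", "userB"));
        // In the container, pass (Subject) PolicyContext.getContext("javax.security.auth.Subject.container")
        System.out.println(resolve(s).getName());
    }
}
```

A `null` result means no authenticated Subject or no usable principal was found; callers should treat that as unauthenticated rather than falling back to another identity source.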