0 Replies Latest reply on Jan 5, 2012 5:46 AM by inet_gbo

    How to configure a startup servlet that it runs in the security-context of a given user at startup

    inet_gbo

      Hi,

       

      Does someone know how to configure a startup servlet that it runs in the security-context of a given user in init() or destroy()?

       

      When I try accessing principal.getName(), I get "java.lang.IllegalStateException: No security context established ... ".

       

      web.xml:

       

      {code}

      <servlet>

         <servlet-name>TestServlet</servlet-name>

         <servlet-class>inet.module.is.servlet.TestServlet</servlet-class>

         <load-on-startup>1</load-on-startup>

         <run-as><role-name>User1</role-name></run-as>

      </servlet>

      {code}

       

      My Servlet:

       

      {code}

      public class TestServlet extends HttpServlet {

          @Inject

          private Principal principal;

       

          public void init(ServletConfig config) throws ServletException {

              String caller = principal.getName(); // throws  java.lang.IllegalStateException: No security context established

              ...

          }

      {code}

       

       

      I'm not sure if it's a bug in jboss 7.0.2 or if I'm missing something.

      I also tried it with <run-as-principal> setting in jboss-web.xml. But then I get a parse error at startup (it seems that AS 7 does not support the servlet and nested run-as-principal element in jboss-web.xml ...)

       

      Thanks for your help

      Günther