1. Re: Wildfly Elytron programmatic local login
dlofthouse May 22, 2018 5:19 AM (in response to jenskreidler)
Very quickly, the steps to follow for in-container authentication and identity switching are:
- Obtain the SecurityDomain associated with the deployment: SecurityDomain (WildFly Elytron 1.3.2.Final API)
- Authenticate, which will give you a SecurityIdentity: SecurityDomain (WildFly Elytron 1.3.2.Final API)
- Use one of the runAs methods on the resulting SecurityIdentity: SecurityIdentity (WildFly Elytron 1.3.2.Final API)
2. Re: Wildfly Elytron programmatic local login
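jenskreidler Jun 1, 2018 11:46 AM (in response to dlofthouse)
Hi Darran,
Thank you for your answer. I've found the time to draft your solution, thanks so far:

```java
import java.lang.reflect.Method;
import java.util.concurrent.Callable;
import javax.interceptor.AroundInvoke;
import javax.interceptor.InvocationContext;
import org.wildfly.security.auth.server.SecurityDomain;
import org.wildfly.security.auth.server.SecurityIdentity;
import org.wildfly.security.evidence.Evidence;
import org.wildfly.security.evidence.PasswordGuessEvidence;

@AroundInvoke
public Object invokeMethodLoggedIn(final InvocationContext context) throws Exception {
    // Check if the invocation context is method-driven
    Method method = context.getMethod();
    if (method != null) {
        ContainerAutoLogin runWith = method.getAnnotation(ContainerAutoLogin.class);
        // Do the programmatic login only if it is required/necessary
        if (shouldLogin(runWith)) {
            SecurityDomain currentSecurityDomain = SecurityDomain.getCurrent();
            Evidence evidence = new PasswordGuessEvidence(runWith.password().toCharArray());
            // Throws if the credentials are rejected by the security domain
            SecurityIdentity identity = currentSecurityDomain.authenticate(runWith.username(), evidence);
            // Run the rest of the interceptor chain under the authenticated identity
            return identity.runAs(new Callable<Object>() {
                @Override
                public Object call() throws Exception {
                    LOG.warn("This should be runWith#username()? " + sessionCtx.getCallerPrincipal().getName());
                    return context.proceed();
                }
            });
        }
    }
    return context.proceed();
}
```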
Unfortunately, the username is still "anonymous".
What is the correct way to propagate the authenticated Elytron user to the container's EJBContext? (Authentication succeeds; changing the password to an invalid one throws the appropriate exception.)
I'd like to rely on EJBContext or SessionContext's getCallerPrincipal() in order to get the currently authenticated, logged-in technical user behind the scenes.
Thanks in advance for your hints and knowledge!