0 Replies Latest reply on Mar 4, 2008 9:09 AM by Alexander Hartner

    Using custom principal class with JBossWS

    Alexander Hartner Expert

      I would like to use my own Principal class with my own LoginModule. I configured the LoginModule in login-config.xml and annotated by SLSB as follows :

      @Stateless(name="JobAPIWeb")
      @WebService(name="JobAPIWeb", portName="...Port", serviceName="JobAPIWebService", targetNamespace="...")
      @EndpointConfig(configName = "Standard WSSecurity Endpoint")
      @SecurityDomain(value="THZone")
      @SOAPBinding(style = SOAPBinding.Style.DOCUMENT, use = SOAPBinding.Use.LITERAL, parameterStyle = SOAPBinding.ParameterStyle.BARE)
      public class JobAPIWeb implements JobAPIWebRemote {
      ...
      


      Authentication takes place, however when I try to access the principal via

      m_sessionContext.getCallerPrincipal().getClass().getName()
      


      it presents me with a org.jboss.ws.extensions.security.SimplePrincipal, rather then my own class returned in the LoginModules commit method.

      My search so far led me to ReceiveUsernameOperation in which the UserNameToken is converted to a SimplePrincipal.

      http://fisheye.jboss.com/browse/JBossWS/trunk/jbossws-core/src/main/java/org/jboss/ws/extensions/security/ReceiveUsernameOperation.java?r=4023


      Are there any configuration options which would allow me to access the principal object as it is returned by my LoginModule.

      Thanks in advance.
      Alex