7 Replies Latest reply on May 23, 2006 12:44 PM by Scott Stark

    Plugging in Authentication Providers on EJB3 Interceptors

    Anil Saldanha Master

      The EJB3 interceptors have the InvocationContext as follows:

      public interface javax.ejb.InvocationContext {
       public Object getBean();
       public Method getMethod();
       public Object[] getParameters();
       public void setParameters(Object[]);
       public Context getEJBContext();
       public java.util.Map getContextData();
       public Object proceed() throws Exception;

      Does the InvocationContext have sufficient security information to provide external authentication providers? This has to take into consideration various transports like IIOP that propogate security via the ORBs.

      What are your thoughts on this?