2 Replies Latest reply on Feb 5, 2013 9:56 AM by Juergen Weber

    Security propagation from Servlet to EJB

    Juergen Weber Newbie

      Hi,

       

      I tried security propagation from a Servlet to an EJB. The bean is injected, the call to the EJB works. The servlet is secured, request.getRemoteUser() gives the correct user.

      But in the EJB I get

      callerPrincipal: anonymous

       

      Corresponding to the Java EE 6 tutorial, the user should be propagated by default:

      "By default, the identity of the caller of the intermediate component is propagated to the target enterprise bean"

      http://docs.oracle.com/javaee/6/tutorial/doc/bnbyl.html#bnbyr

       

      How do you make that work with JBoss 7.1 ?

       

      Thanks,

      Juergen