1 Reply Latest reply on Oct 9, 2001 2:26 AM by ko5tik

    Authorization check inside ejb

    pkghosh

      I need to do FilePermission checking inside an ejb. I am planning to call Subject.doAs(). Inside the run() method of the PrivilegedAction object I will call AccessController.checkPermission().

      I have 2 questions:
      1. Is this the right approach?
      2. Inside the ejb, how do I get hold of the Subject object which I need to pass to doAs()?

      I am using JAAS client side and server side login. I would appreciate any help.

      Thanks,
      Pranab

        • 1. Re: Authorization check inside ejb
          ko5tik

          java.security.Principal p = ctx.getCallerPrincipal();
          (where ctx is your session or entity context)

          would give you the principal object associated with this
          method call
          (it would be the login name, typically)

          But it's not such a good idea to do file system stuff from an EJB...
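
The check discussed in this thread, as an added example that is not part of either post: the caller principal is wrapped in a Subject and a FilePermission is tested under it. It uses Subject.doAsPrivileged instead of Subject.doAs so that only this class and the Subject's principals are evaluated, and it assumes a JVM where AccessController still enforces policy (the API is deprecated for removal since Java 17). The class, DemoPrincipal, callerMay and the sample path are hypothetical names.

```java
import java.io.FilePermission;
import java.security.AccessControlException;
import java.security.AccessController;
import java.security.Principal;
import java.security.PrivilegedAction;
import java.util.Collections;
import javax.security.auth.Subject;

public class CallerFileCheck {

    // Constructed stand-in for the container's Principal class (hypothetical).
    static final class DemoPrincipal implements Principal {
        private final String name;
        DemoPrincipal(String name) { this.name = name; }
        public String getName() { return name; }
    }

    // Wrap the principal from ctx.getCallerPrincipal() in a read-only Subject.
    static Subject subjectFor(Principal caller) {
        return new Subject(true, Collections.singleton(caller),
                Collections.emptySet(), Collections.emptySet());
    }

    // True only if the active Policy grants `actions` on `path` to this code
    // when run as `caller`, e.g. through a policy entry of the form
    //   grant principal <PrincipalClass> "<name>" {
    //       permission java.io.FilePermission "<path>", "read"; };
    static boolean callerMay(Principal caller, final String path, final String actions) {
        PrivilegedAction<Boolean> check = new PrivilegedAction<Boolean>() {
            public Boolean run() {
                try {
                    AccessController.checkPermission(new FilePermission(path, actions));
                    return Boolean.TRUE;
                } catch (AccessControlException denied) {
                    return Boolean.FALSE; // fail closed: no grant means no access
                }
            }
        };
        // A null context stops the check at this frame, so container classes
        // further up the call stack do not need the FilePermission themselves.
        return Subject.doAsPrivileged(subjectFor(caller), check, null);
    }

    public static void main(String[] args) {
        // Constructed sample caller and path.
        Principal caller = new DemoPrincipal("alice");
        System.out.println(callerMay(caller, "/data/reports/q3.txt", "read"));
    }
}
```

The policy entry has to name the Principal class the container actually returns, since principal-based grants match on class name and getName().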