5 Replies Latest reply on Oct 25, 2002 8:34 PM by Todd

    Why does SB context.getCallerPrincipal() return instance of

    Ricardo Coutinho Newbie

      My secured session bean works fine except for the above problem. In my login module I am creating my on principal, com.test.TestPrincipal, but in my session bean I get an instance of org.jboss.security.SimplePrincipal instead. Is this normal? Is it possible to have the getCallerPrincipal return TestPrincipal?

      What is wierd is that the name was correctly set in the SimplePrincipal.

      Can anyone explain this?

      Ricardo

        • 1. Re: Why does SB context.getCallerPrincipal() return instance
          Stéphane Newbie

          I have the same problem. I have a specific Principal and I can't retrives it in a EJB...

          But I'have founded a solution. You can use the Security Manager like:

          ///////////////////////////////////////////////////
          // Get the security manager
          Context ctx = new InitialContext(wProperties);
          org.jboss.security.plugins.JaasSecurityManager wSecurity = (org.jboss.security.plugins.JaasSecurityManager)ctx.lookup("java:/jaas/MySecurityDomain");

          // Find the active principal...
          javax.security.auth.Subject wSubject = wSecurity.getActiveSubject();
          java.util.Set wMyPrincipals = wSubject.getPrincipals(com.st.test.ejb.security.MyPrincipal.class);

          if (wMyPrincipals.size() > 0) {
          com.st.test.ejb.security.MyPrincipal wMyPrincipal = (com.st.test.ejb.security.MyPrincipal)wMyPrincipals.toArray()[0];
          }
          ///////////////////////////////////////////////////

          Please, try it and tell if it works good because I don't have experience with JBOSS and I'm not sure about this solution...

          Nuts

          • 2. Re: Why does SB context.getCallerPrincipal() return instance
            Stéphane Newbie

            I have the same problem. I have a specific Principal and I can't retrives it in a EJB...

            But I'have founded a solution. You can use the Security Manager like:

            ///////////////////////////////////////////////////
            // Get the security manager
            Context ctx = new InitialContext(wProperties);
            org.jboss.security.plugins.JaasSecurityManager wSecurity = (org.jboss.security.plugins.JaasSecurityManager)ctx.lookup("java:/jaas/MySecurityDomain");

            // Find the active principal...
            javax.security.auth.Subject wSubject = wSecurity.getActiveSubject();
            java.util.Set wMyPrincipals = wSubject.getPrincipals(com.st.test.ejb.security.MyPrincipal.class);

            if (wMyPrincipals.size() > 0) {
            com.st.test.ejb.security.MyPrincipal wMyPrincipal = (com.st.test.ejb.security.MyPrincipal)wMyPrincipals.toArray()[0];
            }
            ///////////////////////////////////////////////////

            Please, try it and tell if it works good because I don't have experience with JBOSS and I'm not sure about this solution...

            Nuts

            • 3. Re: Why does SB context.getCallerPrincipal() return instance
              Stéphane Newbie

              I have the same problem. I have a specific Principal and I can't retrives it in a EJB...

              But I'have founded a solution. You can use the Security Manager like:

              ///////////////////////////////////////////////////
              // Get the security manager
              Context ctx = new InitialContext(wProperties);
              org.jboss.security.plugins.JaasSecurityManager wSecurity = (org.jboss.security.plugins.JaasSecurityManager)ctx.lookup("java:/jaas/MySecurityDomain");

              // Find the active principal...
              javax.security.auth.Subject wSubject = wSecurity.getActiveSubject();
              java.util.Set wMyPrincipals = wSubject.getPrincipals(com.st.test.ejb.security.MyPrincipal.class);

              if (wMyPrincipals.size() > 0) {
              com.st.test.ejb.security.MyPrincipal wMyPrincipal = (com.st.test.ejb.security.MyPrincipal)wMyPrincipals.toArray()[0];
              }
              ///////////////////////////////////////////////////

              Please, try it and tell if it works good because I don't have experience with JBOSS and I'm not sure about this solution...

              Nuts

              • 4. Re: Why does SB context.getCallerPrincipal() return instance
                James Moring Newbie

                Must custom login module descends from AbstractServerLoginModule and implements the getRoleSets() method as follows. Notice the group I add called CallerPrincipal. This causes my custom principal to be returned from calls to sessionContext.getCallerPrincipal()


                // create a HashMap to hold the groups as they are created
                HashMap oGroups = new HashMap();


                // ************************************

                // Set the Principal class returned from a call to getCallerPrincipal()
                Group oCallerPrincipalGroup = new SimpleGroup("CallerPrincipal");
                oCallerPrincipalGroup.addMember( getIdentity() ); // add your principal here
                oGroups.put( "CallerPrincipal", oCallerPrincipalGroup );

                // *************************************


                // Loop through the RowSet and create the Groups
                do
                {

                // Get the Role and RoleGroup from the RowSet
                String sRoleGroup = oRowSet.getString( "ApplicationRoleGroup" );
                String sRole = oRowSet.getString( "ApplicationRoleCode" );

                getLogger().inspect( "RoleGroup", sRoleGroup );
                getLogger().inspect( "Role", sRole );

                // Check to see if the Group has already been created
                Group oGroup = (Group)oGroups.get( sRoleGroup );
                if( oGroup == null )
                {
                oGroup = new SimpleGroup( sRoleGroup );
                oGroups.put( sRoleGroup, oGroup );
                }

                // Add this role to the group
                oGroup.addMember( new SimplePrincipal(sRole) );

                }
                while( oRowSet.next() );

                // create and populate the Group array
                Group[] aGroups = new Group[ oGroups.size() ];
                oGroups.values().toArray( aGroups );

                // Finally return the Groups
                return aGroups;

                • 5. Re: Why does SB context.getCallerPrincipal() return instance
                  Todd Newbie

                  jmoring,

                  Are you using 3.0.3? If you could attach your complete LoginModule ... perhaps I'm leaving something simple out. I've created the "CallerPrincipal" group, but still get the SimplePrincipal from the EJBContext. I've been battling this for two days now. Thanks!