I am trying to setup a JMS topic to update clients when operations on the server are performed. The problem is ignoring the JMS messages caused by the operations the
client executed itself. To be able to do this I thought of setting a generated session id as a principal of the authenticated subject. I am doing this on the server side to a subject
obtained by using SecurityAssociation.getSubject.
The problem is that when I log in using the same user name and password from two different clients and set the session id to the authenticated subject, it seems that server calls made by both clients see the same subject, which is having two session id:s as principals. Therefore I am unable to distinguish which client executed the business method call and I cannot include the proper session id in JMS message properties.
What I need to do is to distinguish on the server side which client made the call and include the information in JMS message properties. Is there any way of doing this using JAAS or do I need to figure out another way of passing a session id in business method calls?