0 Replies Latest reply on Jan 2, 2005 5:22 PM by Dominik Strehlke

    Is a check of EJBContext.getCallerPrincipal() safe?

    Dominik Strehlke Newbie


      Currently I am authenticating clients via a servlet. This servlet then invokes SecurityAssociation.setPrincipal() to store the user id.

      My EJBs then check via a SecurityProxy if the user id (fetched by getCallerPrincipal() from the local EJBContext) is authorized to do what it wants.

      I do not use any JAAS related stuff.

      My question now is if this idea is safe enough, in other words, can the EJB _rely_ on the fact that its EJBContext's CallerPrincipal was definitely set by the authorization servlet? Or is it possible for a client to bypass that servlet and call SecurityAssociation.setPrincipal() itself?

      Thanks a lot in advance, any help is very much appreciated!