I'm writing a web app (JSF, JBoss 4.2.1, EJB 3). The user is logged in by form based login - I've configured some login modules.
I need to access the user's javax.secrity.auth.Subject. I remembered tha some time ago, I used SecurityAssociation.getSubject() to do this, but now this doesn't work (always returns null).
Probably the difference to then is that today I try to call it from an EJB's method. Perhaps SecurityAssociation switches to that EJB's security context or so. I do not understand much of this, I do not use declarative security in EJB.
Is it possible to retrieve the logged in user's subject from within an EJB?