0 Replies Latest reply on Jun 3, 2003 4:29 PM by jraby

    Passing JAAS Subject from an EJB to an RA

    jraby Newbie

      I'm working on a resource adapter and have got some questions on authentication in the case where the client is an EJB which already has a JAAS subject. In this case, my expectation was that when the client calls the ConnectionFactory.getConnection() method, that the ManagedConnectionFactory.createManagedConnection() method should automatically be passed a copy of the client's subject. However, this is not the behavior that I am seeing.

      The EJB client performs a LoginContext.login() successfully. I can then dump the Subject and verify that it's data make sense. The EJB then instantiates a ConnectionFactory and calls getConnection(). ManagedConnectionFactory.createManagedConnection() receives a null Subject. Why?

      In my ra.xml, I specify BasicPassword authentication, because in the normal case the client will not have a Subject, and will instead pass a ConnectionSpec with username/password that the RA verifies. However, I would also like to handle the case where the client already has a Subject. In that case, I would like to use the Subject that is passed in (if I could only get it to be passed in...)

      I assume that this is a configuration problem, but I'm not at all clear on how the RA needs to be configured. Here is a copy of my simple TestRA-ds.xml:

      <?xml version="1.0" encoding="UTF-8"?>

      and here is the simple ra.xml:

      <?xml version="1.0" encoding="UTF-8"?>
      <!DOCTYPE connector PUBLIC '-//Sun Microsystems, Inc.//DTD Connector 1.0//EN' 'http://java.sun.com/dtd/connector_1_0.dtd'>

      Test JCA Connector
      <vendor-name>FileNet Corporation</vendor-name>