0 Replies Latest reply on Jun 3, 2003 4:29 PM by jraby

    Passing JAAS Subject from an EJB to an RA

    jraby Newbie

      I'm working on a resource adapter and have got some questions on authentication in the case where the client is an EJB which already has a JAAS subject. In this case, my expectation was that when the client calls the ConnectionFactory.getConnection() method, that the ManagedConnectionFactory.createManagedConnection() method should automatically be passed a copy of the client's subject. However, this is not the behavior that I am seeing.

      The EJB client performs a LoginContext.login() successfully. I can then dump the Subject and verify that it's data make sense. The EJB then instantiates a ConnectionFactory and calls getConnection(). ManagedConnectionFactory.createManagedConnection() receives a null Subject. Why?

      In my ra.xml, I specify BasicPassword authentication, because in the normal case the client will not have a Subject, and will instead pass a ConnectionSpec with username/password that the RA verifies. However, I would also like to handle the case where the client already has a Subject. In that case, I would like to use the Subject that is passed in (if I could only get it to be passed in...)

      I assume that this is a configuration problem, but I'm not at all clear on how the RA needs to be configured. Here is a copy of my simple TestRA-ds.xml:

      <?xml version="1.0" encoding="UTF-8"?>
      <connection-factories>
      <tx-connection-factory>
      <jndi-name>TestJCA</jndi-name>
      <xa-transaction/>
      <adapter-display-name>TestJCA</adapter-display-name>
      <min-pool-size>0</min-pool-size>
      </tx-connection-factory>
      </connection-factories>


      and here is the simple ra.xml:

      <?xml version="1.0" encoding="UTF-8"?>
      <!DOCTYPE connector PUBLIC '-//Sun Microsystems, Inc.//DTD Connector 1.0//EN' 'http://java.sun.com/dtd/connector_1_0.dtd'>

      <display-name>TestJCA</display-name>
      Test JCA Connector
      <vendor-name>FileNet Corporation</vendor-name>
      <spec-version>1.0</spec-version>
      <eis-type>Test</eis-type>
      4.0

      <managedconnectionfactory-class>filenet.daphne.jca.DaphneManagedConnectionFactory</managedconnectionfactory-class>
      <connectionfactory-interface>javax.resource.cci.ConnectionFactory</connectionfactory-interface>
      <connectionfactory-impl-class>filenet.daphne.jca.DaphneConnectionFactory</connectionfactory-impl-class>
      <connection-interface>javax.resource.cci.Connection</connection-interface>
      <connection-impl-class>filenet.daphne.jca.DaphneConnection</connection-impl-class>
      <transaction-support>NoTransaction</transaction-support>
      <authentication-mechanism>
      <authentication-mechanism-type>BasicPassword</authentication-mechanism-type>
      <credential-interface>javax.resource.spi.security.PasswordCredential</credential-interface>
      </authentication-mechanism>
      <reauthentication-support>false</reauthentication-support>