Hi,
As your code excerpt contains a getInitialContext() method which is not used, I
dont clearly understand what you mean.
Anyway, one could tell that :
- You don't have to provide a set of properties to the InitialContext constructor
when you're inside a EJBean (this is a non-EJB client-only requirement). Use the
default InitialContext() constructor instead, which use default (in fact
server-defined) naming context properties.
- It make sense that you're not able to retrieve the credential (password) of a
calling indentity, for obvious security reasons. One could say that you should be
able to do so if you're an admin profile or so, but EJB roles does not define any
hierarchy between such roles. You could instead define a privileged EJB service
that is able to read or update underlying role information (such as user/password
stored in a database, a LDAP directory, and so on) that is able to perform this
low-level, not EJB operation.
- If your goal is to retrieve user principal and credential for authentification
purpose, you should simply define your EJB method runAsMode property as
CLIENT_IDENTITY to propagate client security context through your subsequent calls.
However I think that not what to try to do, as your code seem to try to add users
to security groups. Once again, such operation should be performed at a lower level
than EJB roles wich define applicative, upper-level, security restrictions.
Sethuraman Ramanathan wrote:
> hello all,
>
> I am trying to find a bean from inside another bean , I am getting the
> JNDI name from env , The question is how do i get hts SECURITY_CREDENTIAL to
> do the look up ??
>
> what i am doing right now is
>
> public void foo()
> {
>
> try
> {
> Properties prop = this.cntx.getEnvironment();
> String AdminHomeName = (String) prop.get("JNDIAdminName");
> AdminHomeName = AdminHomeName.trim();
> AdminHome aHome = ( AdminHome) ctx.lookup(AdminHomeName);
> Admin Admin = aHome.create();
> admin.addToGroup('abc', this.userName);
> }
> catch ( Exception ( Exception e )
> {
> throw new SecurityException( e.getMessage() );
> }
> }
>
> public Context getInitialContext() throws NamingException
> {
>
> Hashtable h = new Hashtable();
>
> h.put(Context.INITIAL_CONTEXT_FACTORY,"weblogic.jndi.T3InitialContextFactory");
> h.put(Context.PROVIDER_URL,"t3://localhost:7001");
> java.security.Identity identity = this.cntx.getCallerIdentity();
> h.put(Context.SECURITY_PRINCIPAL, identity);
> return new InitialContext(h);
> }
>
> I can get SECURITY_PRINCIPAL but how do i get SECURITY_CREDENTIAL ??
>
> - thanks
> sethu
>
> ______________________________________________________
> Get Your Private, Free Email at http://www.hotmail.com
>
> ===========================================================================
> To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
> of the message "signoff EJB-INTEREST". For general help, send email to
> [EMAIL PROTECTED] and include in the body of the message "help".
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
