On Mon, Nov 24, 2003 at 11:00:49PM +0100, Bordet, Simone wrote: > Hi Alan and others, > > just curious if JACC somehow requires user code (servlet, EJB) to be able to > do: > > Subject s = Subject.getSubject(AccessController.getContext());
Nope. User code still only has access the the Principle objec through getCallerPrinciple > Or perhaps the whole machinery is only internal to the container ? Right. > I'm asking this to understand if you guys find out a fast way to associate a > Subject with an ACC without using the JAAS API (i.e. Subject.doAs()), but > still have the JAAS API to work fine (i.e. Subject.getSubject()). In the JACC spec the PolicyProvider doesn't even get the subject through a Subject.getSubject(), but rather uses a special callback handler to get it indirectly from the container. So, in, short it doesn't mix with JAAS post-login. -David
