[JBoss-user] [Security & JAAS/JBoss] - Re: How to get authenticated user's Subject from EJB

Tue, 04 Apr 2006 08:53:55 -0700 

Hi,

   First of all, Thanks NigelWhite & scott stark . 

   Yes, We need to specify <security-domain> element in jboss.xml. Then only, 
the PolicyContext.getContext method will return Subject otherwise it will 
return null.

   And it should have same value as <security-domain> element in jboss-web.xml. 

   And If you add <security-domain> element in jboss.xml, then you must specify 
<method-permission> element for your EJBs, otherwise you can't access your EJBs 
from servlet or jsp.

(First I wrongly understood, I thought to get Subject from EJB we must use 
CustomLogin module, Sorry, Its not correct, the key thing is <security-domain> 
element in jboss.xml)



For those who need sample code

The following is by my session bean's business method

  public String sayHello() {
  |     try {
  |       Subject 
mySubject=(Subject)PolicyContext.getContext("javax.security.auth.Subject.container");
  |       return mySubject.toString();
  |     }catch(Exception e) {
  |       throw new EJBException("sayHello method failed to get subject",e);
  |     }
  |   }


The following my jboss.xml assembly descriptor part


  |  <assembly-descriptor>
  |     <method-permission>
  |       <unchecked/>
  |       <method>
  |         <ejb-name>HelloEJB</ejb-name>
  |         <method-name>*</method-name>
  |       </method>
  |     </method-permission>
  |   </assembly-descriptor>

The following is my Hello.jsp code

<%@ page import="javax.naming.InitialContext, javax.rmi.PortableRemoteObject, 
hello.*" %>
  | <%
  |   InitialContext ctxt=new InitialContext();
  |   HelloHome 
home=(HelloHome)PortableRemoteObject.narrow(ctxt.lookup("java:comp/env/ejb/HelloEJB"),HelloHome.class);
  |   Hello hello=home.create();
  | %>
  | 
  | 
  | <html>
  | <head>
  | <style type="text/css">
  | body {
  |   font-family:'Comic Sans MS';
  |   font-size:11pt;
  | }
  | </style>
  | </head>
  | <body>
  | <%=hello.sayHello()%>
  | </body>
  | </html>

and this is the output

Subject: Principal: user2 Principal: Roles(members:employee,manager) 


Thanks again      

View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3934815#3934815

Reply to the post : 
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3934815


-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
_______________________________________________
JBoss-user mailing list
JBoss-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jboss-user

Reply via email to