Sometime ago we change main developer server from weblogic to JBOSS and trying to
rebuild our security system to JBOSS security approach. But we discover than
Subject.doAs donÃÂÃÂÃÂÃÂt work at all. Please, explain how can we execute
privileged code?
Example
Code in non EJB class:
| ...............
| log.debug("run!1 principal =
"+SecurityAssociation.getPrincipal());
| ret = Subject.doAs(getInternalSubject(), new
PrivilegedExceptionAction()
| {
| public Object run() throws Exception
| {
| log.debug("run!2 principal =
"+SecurityAssociation.getPrincipal());
| return grant.getValue(si);
| }
| });
| ................
|
where
| public static Subject getInternalSubject()
| {
| log.debug("getInternalSubject");
| if (internalSubject == null)
| {
| try
| {
| LoginContext lc = new LoginContext("XXX-domain", new
XXXCallbackHandler("internal", "internal"));
| lc.login();
| internalSubject = lc.getSubject();
| }
| catch (LoginException e)
| {
| throw new SkyNetRuntimeException("Exception during internal
logining", e);
| }
| }
| log.debug("internal subject = " + internalSubject);
| return internalSubject;
| }
|
but we get
| run!1 Principal = phantom
| run!2 Principal = phantom
|
Also in SecurityAssociation I find very interesting methods: pushRunAsRole
popRunAsRole - can you explain in what cases I must/can use these methods?
Thank you!
<a
href="http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3827842#3827842";>View
the original post</a>
<a
href="http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3827842>Reply
to the post</a>
-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id�70&alloc_id638&op=click
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
