The following is from my LoginAction class: | try | { | SecurityAssociationHandler handler = new | SecurityAssociationHandler(); | SimplePrincipal user = new SimplePrincipal(username); | handler.setSecurityInfo(user, password.toCharArray()); | LoginContext loginContext = new LoginContext("MySqlDBRealm", (CallbackHandler)handler); | loginContext.login(); | Subject subject = loginContext.getSubject(); | Set principals = subject.getPrincipals(); | principals.add(user); | | InitialContext ctx = new InitialContext(); | Logon logon = (Logon) ctx.lookup(Logon.class.getName()); | System.out.println("Addition: "+logon.add(2, 2)); | System.out.println("Subtract: "+logon.subtract(4, 2)); | | }catch(Exception e) | { | System.out.println("Incorrect password or username"); | } |
Sorry it is difficult to explain. I am sure I am not properly thinking. What I want to know is that I can successfully execute my EJB since I logged in, but if another class was to excute the methods on the EJB, I get a principal=null error. What I want to know is do I put the LoginContext variable in my session scope? If I don't than do I have to login each time before I execute a call in the EJB. In a web application you log the user in once. After that you would probably put something in the session scope to avoid them having to log in again and again. Can someone suggest to me how they implemented such a methodology? View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3865953#3865953 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3865953 ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user