Well I have another related question.
It's possible to inject SessionContext and call getCallerPrincipal(). This way
a EJB3 SLSB can find who is calling the method.
| @Resource
| javax.ejb.SessionContext ctx;
|
So,
If we defined an application-policy for each of our web modules (and also
defined security-domain in jboss-web.xml) and want to make a programmatic
decision in our SLSBs, how can we learn which securityDomain we're in?
To be implemented example:
| <application-policy name="evrim">
| ...
| </application-policy>
|
| <application-policy name="aycan">
| ...
| </application-policy>
|
| @Stateless
| @Local( { CoreService.class })
| public class CoreServiceBean {
| public void decide() {
| /* do only for evrim */
| // if ("evrim".equals(securityDomain.toString)) {
| // doPrivilegedWork
| // } else {
| // throw new SecurityException();
| // }
| }
| }
|
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3893907#3893907
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3893907
-------------------------------------------------------
SF.Net email is Sponsored by the Better Software Conference & EXPO
September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices
Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA
Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
_______________________________________________
JBoss-user mailing list
JBoss-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jboss-user
