I'm surprised that you suggest such a complex hack.
In fact, using static methods of the the JACC javax.security.jacc.PolicyContext
object, you can use
| HttpServletRequest request =
(HttpServletRequest)PolicyContext.getContext("javax.servlet.http.HttpServletRequest");
|
Using javax.security.jacc.PolicyContext.getHandlerKeys(), in my LoginModule, I
find
PolicyContext has "javax.ejb.arguments"
PolicyContext has "javax.servlet.http.HttpServletRequest". It is a
org.apache.catalina.connector.RequestFacade
PolicyContext has "javax.security.auth.Subject.container"
PolicyContext has "javax.xml.soap.SOAPMessage"
PolicyContext has "org.jboss.ejb.BeanMetaData"
PolicyContext has "javax.ejb.EnterpriseBean"
Most of the keys return null, only the "javax.servlet.http.HttpServletRequest"
key returns anything.
On Logout, I find
PolicyContext has "javax.ejb.arguments"
PolicyContext has "javax.servlet.http.HttpServletRequest". It is a
org.apache.catalina.connector.RequestFacade
PolicyContext has "javax.security.auth.Subject.container". It is a
javax.security.auth.Subject
PolicyContext has "javax.xml.soap.SOAPMessage"
PolicyContext has "org.jboss.ejb.BeanMetaData"
PolicyContext has "javax.ejb.EnterpriseBean"
So, looks like you can find the Subject any time using the
"javax.security.auth.Subject.container" key.
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3915245#3915245
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3915245
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
_______________________________________________
JBoss-user mailing list
JBoss-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jboss-user
