Re: Passing a security principal from client to bean

Thu, 11 Jan 2001 00:16:27 -0800 

> "Robins, Anthony" wrote:
> 
> I am trying the following without success.
> My jonas-users.properties is
> joebar = admin
> 
> java.util.Properties props = new java.util.Properties();
>         props.put(Context.SECURITY_PRINCIPAL, "joebar");
>         //props.put(Context.SECURITY_CREDENTIALS, "123");
> 
>         Context initialContext = null;
>         try {
>             //initialContext = new InitialContext(props);
>             initialContext = new InitialContext(props);
>         } catch (Exception e) {
>             System.err.println("Cannot get initial context for JNDI: "
> + e);
>             System.exit(2);
>         }
> 
> It thinks that the principal is Jonas_client via the following trace
> message.
> "received_request() : received request context principal : name =
> JOnAS_client"

Hi,
You have an example of propagation of security context in the
sample security under $JONAS_ROOT/examples/src/security
But in this example authentication is made via Tomcat.
If you want to use the propagation mechanism of JOnAS
you must associate a Security context in the thread that
makes the distributed call
by doing the following:

On the client side:
  import org.enhydra.security.avs.api.SecurityCurrent ;
  import org.enhydra.security.avs.api.SecurityContext ;
  public class ClientX {
        public static void main(String args[]) { 
                SecurityCurrent current = SecurityCurrent.getCurrent() ;
                SecurityContext ctx = new SecurityContext ("principal1") ;
                current.setSecurityContext (ctx) ;
                try{
                        obj.meth();
                        .....
                        .....
                }
   }

On the server side code of the Bean:
        import java.security.Principal ;
        ...
        ....
        public void setSessionContext(SessionContext sessionContext) {
          this.sessionContext = sessionContext;
        }
        public void meth() {
          Principal callerPrincipal = sessionContext.getCallerPrincipal() ;
          System.out.println(callerPrincipal.getName() );
          ....
        }

If you are using RMI don't forget to call GenIC with the -secpropag
option
(if you are using Makefile similar to those of the samples 
 set GENICFLAGS = -secpropag)

If you are using Jeremie set the jonathan.prop file 
cf http://www.objectweb.org/messages/JonasUsers/2000/12/msg00012.html
relative to the security

Best regards
-- 
        Philippe

Philippe Coq  Evidian   Phone: (33) 04 76 29 78 49
Bull S.A  - 1 rue de Provence - 38432 Echirolles Cedex France
Download our EJBServer at http://www.objectweb.org
----
To unsubscribe, send email to [EMAIL PROTECTED] and
include in the body of the message "unsubscribe jonas-users".
For general help, send email to [EMAIL PROTECTED] and
include in the body of the message "help".

Reply via email to