John, this is awesome, in my opinion this is the way to go. I cannot find
your code in the previous posting, can you please resubmit it. Thanks a lot
in advance. Philippe, what is your opinion about this. This sounds like a
more standard way to handle the security and it is very similar how for
example Weblogic does it.
Miro Halas
-----Original Message-----
From: John Ellis [mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 11, 2001 8:05 AM
To: Philippe Coq
Cc: Robins, Anthony; [EMAIL PROTECTED]
Subject: Re: Passing a security principal from client to bean
Anthony,
What we did was to create a JNDI implementation that handles security in the
standard way that you requested below. It uses the security prop that
Philippe
mentioned, but it correctly wraps it for you so that you do not have to make
non-J2EE calls in your application code. I have submitted it to the group,
but
have not heard anything back. I would be happy to seperately send it to you
for your use or whatever.
John
Philippe Coq wrote:
> > "Robins, Anthony" wrote:
> >
> > I am trying the following without success.
> > My jonas-users.properties is
> > joebar = admin
> >
> > java.util.Properties props = new java.util.Properties();
> > props.put(Context.SECURITY_PRINCIPAL, "joebar");
> > //props.put(Context.SECURITY_CREDENTIALS, "123");
> >
> > Context initialContext = null;
> > try {
> > //initialContext = new InitialContext(props);
> > initialContext = new InitialContext(props);
> > } catch (Exception e) {
> > System.err.println("Cannot get initial context for JNDI: "
> > + e);
> > System.exit(2);
> > }
> >
> > It thinks that the principal is Jonas_client via the following trace
> > message.
> > "received_request() : received request context principal : name =
> > JOnAS_client"
>
> Hi,
> You have an example of propagation of security context in the
> sample security under $JONAS_ROOT/examples/src/security
> But in this example authentication is made via Tomcat.
> If you want to use the propagation mechanism of JOnAS
> you must associate a Security context in the thread that
> makes the distributed call
> by doing the following:
>
> On the client side:
> import org.enhydra.security.avs.api.SecurityCurrent ;
> import org.enhydra.security.avs.api.SecurityContext ;
> public class ClientX {
> public static void main(String args[]) {
> SecurityCurrent current = SecurityCurrent.getCurrent() ;
> SecurityContext ctx = new SecurityContext ("principal1") ;
> current.setSecurityContext (ctx) ;
> try{
> obj.meth();
> .....
> .....
> }
> }
>
> On the server side code of the Bean:
> import java.security.Principal ;
> ...
> ....
> public void setSessionContext(SessionContext sessionContext) {
> this.sessionContext = sessionContext;
> }
> public void meth() {
> Principal callerPrincipal = sessionContext.getCallerPrincipal()
;
> System.out.println(callerPrincipal.getName() );
> ....
> }
>
> If you are using RMI don't forget to call GenIC with the -secpropag
> option
> (if you are using Makefile similar to those of the samples
> set GENICFLAGS = -secpropag)
>
> If you are using Jeremie set the jonathan.prop file
> cf http://www.objectweb.org/messages/JonasUsers/2000/12/msg00012.html
> relative to the security
>
> Best regards
> --
> Philippe
>
> Philippe Coq Evidian Phone: (33) 04 76 29 78 49
> Bull S.A - 1 rue de Provence - 38432 Echirolles Cedex France
> Download our EJBServer at http://www.objectweb.org
> ----
> To unsubscribe, send email to [EMAIL PROTECTED] and
> include in the body of the message "unsubscribe jonas-users".
> For general help, send email to [EMAIL PROTECTED] and
> include in the body of the message "help".
----
To unsubscribe, send email to [EMAIL PROTECTED] and
include in the body of the message "unsubscribe jonas-users".
For general help, send email to [EMAIL PROTECTED] and
include in the body of the message "help".
----
To unsubscribe, send email to [EMAIL PROTECTED] and
include in the body of the message "unsubscribe jonas-users".
For general help, send email to [EMAIL PROTECTED] and
include in the body of the message "help".
