Seconded! I'm sure I never saw this on the list... I've ended up making
Jonas-specific calls to achieve fat-client authentication, and would have loved
to use this.
Joe
"Halas, Miroslav" wrote:
> John, this is awesome, in my opinion this is the way to go. I cannot find
> your code in the previous posting, can you please resubmit it. Thanks a lot
> in advance. Philippe, what is your opinion about this. This sounds like a
> more standard way to handle the security and it is very similar how for
> example Weblogic does it.
>
> Miro Halas
>
> -----Original Message-----
> From: John Ellis [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, January 11, 2001 8:05 AM
> To: Philippe Coq
> Cc: Robins, Anthony; [EMAIL PROTECTED]
> Subject: Re: Passing a security principal from client to bean
>
> Anthony,
>
> What we did was to create a JNDI implementation that handles security in the
> standard way that you requested below. It uses the security prop that
> Philippe
> mentioned, but it correctly wraps it for you so that you do not have to make
> non-J2EE calls in your application code. I have submitted it to the group,
> but
> have not heard anything back. I would be happy to seperately send it to you
> for your use or whatever.
>
> John
>
> Philippe Coq wrote:
>
> > > "Robins, Anthony" wrote:
> > >
> > > I am trying the following without success.
> > > My jonas-users.properties is
> > > joebar = admin
> > >
> > > java.util.Properties props = new java.util.Properties();
> > > props.put(Context.SECURITY_PRINCIPAL, "joebar");
> > > //props.put(Context.SECURITY_CREDENTIALS, "123");
> > >
> > > Context initialContext = null;
> > > try {
> > > //initialContext = new InitialContext(props);
> > > initialContext = new InitialContext(props);
> > > } catch (Exception e) {
> > > System.err.println("Cannot get initial context for JNDI: "
> > > + e);
> > > System.exit(2);
> > > }
> > >
> > > It thinks that the principal is Jonas_client via the following trace
> > > message.
> > > "received_request() : received request context principal : name =
> > > JOnAS_client"
> >
> > Hi,
> > You have an example of propagation of security context in the
> > sample security under $JONAS_ROOT/examples/src/security
> > But in this example authentication is made via Tomcat.
> > If you want to use the propagation mechanism of JOnAS
> > you must associate a Security context in the thread that
> > makes the distributed call
> > by doing the following:
> >
> > On the client side:
> > import org.enhydra.security.avs.api.SecurityCurrent ;
> > import org.enhydra.security.avs.api.SecurityContext ;
> > public class ClientX {
> > public static void main(String args[]) {
> > SecurityCurrent current = SecurityCurrent.getCurrent() ;
> > SecurityContext ctx = new SecurityContext ("principal1") ;
> > current.setSecurityContext (ctx) ;
> > try{
> > obj.meth();
> > .....
> > .....
> > }
> > }
> >
> > On the server side code of the Bean:
> > import java.security.Principal ;
> > ...
> > ....
> > public void setSessionContext(SessionContext sessionContext) {
> > this.sessionContext = sessionContext;
> > }
> > public void meth() {
> > Principal callerPrincipal = sessionContext.getCallerPrincipal()
> ;
> > System.out.println(callerPrincipal.getName() );
> > ....
> > }
> >
> > If you are using RMI don't forget to call GenIC with the -secpropag
> > option
> > (if you are using Makefile similar to those of the samples
> > set GENICFLAGS = -secpropag)
> >
> > If you are using Jeremie set the jonathan.prop file
> > cf http://www.objectweb.org/messages/JonasUsers/2000/12/msg00012.html
> > relative to the security
> >
> > Best regards
> > --
> > Philippe
> >
> > Philippe Coq Evidian Phone: (33) 04 76 29 78 49
> > Bull S.A - 1 rue de Provence - 38432 Echirolles Cedex France
> > Download our EJBServer at http://www.objectweb.org
> > ----
> > To unsubscribe, send email to [EMAIL PROTECTED] and
> > include in the body of the message "unsubscribe jonas-users".
> > For general help, send email to [EMAIL PROTECTED] and
> > include in the body of the message "help".
>
> ----
> To unsubscribe, send email to [EMAIL PROTECTED] and
> include in the body of the message "unsubscribe jonas-users".
> For general help, send email to [EMAIL PROTECTED] and
> include in the body of the message "help".
> ----
> To unsubscribe, send email to [EMAIL PROTECTED] and
> include in the body of the message "unsubscribe jonas-users".
> For general help, send email to [EMAIL PROTECTED] and
> include in the body of the message "help".
----
To unsubscribe, send email to [EMAIL PROTECTED] and
include in the body of the message "unsubscribe jonas-users".
For general help, send email to [EMAIL PROTECTED] and
include in the body of the message "help".
