Hi, Matt
There's not that much "seems" to it, nor black magic. :-)
I can't tell why EJBs in one scenario see "guest" and in the other they see
the proper user, since I don't know how you're logging in and what the test
program is.
In short, though, there are only so many ways to identify a user to the
server in a proper way:
1. jndi.properties, or type it in to the dialog, when using an app client;
2. form-based login (again, a username/password pair);
3. client certs;
4. programmatic using the RoleManager (Orion-specific).
When you're using a servlet as your front-end, then, I guess the question
is, how are your users logging in? If they are not then you will always see
"guest".
It sounds like your test program is an app client, the login dialog is
popping up, and off you go - no problems. But that's just a guess.
So I guess it comes down to details on how your login in the servlet
situation is being accomplished, before we can offer any advice.
Arved Sandstrom
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Matt
MacGillivray
Sent: Wednesday, November 01, 2000 4:58 PM
To: Orion-Interest
Subject: Servlet to EJB Principals/Credentials problem! Impossible to
solve?!
MY GOAL:
I would like to properly log into orion, from a servlet, when requesting EJB
calls. I'd like to know which servlet users are hitting which EJBs without
explicitly passing the username and password around. This must be
possible!!
Here is the situation:
I'm running Orion 1.3.8 on WINNT 4.00.1381 with JDK-1.2.2_005.
Orion is running a servlet that accesses EJBs also run under Orion. I am
attempting to pass a username and password back through the use of the
SECURITY_PRINCIPAL and SECURITY_CREDENTIAL.
When the servlet sets up the call to the EJB and calls it, the PRINCIPAL,
when printed out from the EJB always seems to be 'guest'. When I use a test
program that calls the EJB through through orion, it seems to get the proper
username and password. Why does it not work through the servlet?
Why is this happening? One theory brought to my attention was that the two
scenarios use different virtual machines. i.e. the first scenario
(servlet -> ejb) always uses a single virtual machine, while the second
(test class -> ejb) uses two virtual machines (one for orion, one for the
test class). Why would separate virtual machines affect the PRINCIPALS and
CREDENTIALS?
Any and all help would be appreciated.
Matt MacGillivray
Technical Developer
Delfour Corporation
(905) 415-9779 x2021
[EMAIL PROTECTED]
