[JBoss-user] [Security & JAAS/JBoss] - Re: How to get authenticated user's Subject from EJB
Hi, First of all, Thanks NigelWhite & scott stark . Yes, We need to specify element in jboss.xml. Then only, the PolicyContext.getContext method will return Subject otherwise it will return null. And it should have same value as element in jboss-web.xml. And If you add element in jboss.xml, then you must specify element for your EJBs, otherwise you can't access your EJBs from servlet or jsp. (First I wrongly understood, I thought to get Subject from EJB we must use CustomLogin module, Sorry, Its not correct, the key thing is element in jboss.xml) For those who need sample code The following is by my session bean's business method public String sayHello() { | try { | Subject mySubject=(Subject)PolicyContext.getContext("javax.security.auth.Subject.container"); | return mySubject.toString(); | }catch(Exception e) { | throw new EJBException("sayHello method failed to get subject",e); | } | } The following my jboss.xml assembly descriptor part | | | | | HelloEJB | * | | | The following is my Hello.jsp code <%@ page import="javax.naming.InitialContext, javax.rmi.PortableRemoteObject, hello.*" %> | <% | InitialContext ctxt=new InitialContext(); | HelloHome home=(HelloHome)PortableRemoteObject.narrow(ctxt.lookup("java:comp/env/ejb/HelloEJB"),HelloHome.class); | Hello hello=home.create(); | %> | | | | | | body { | font-family:'Comic Sans MS'; | font-size:11pt; | } | | | | <%=hello.sayHello()%> | | and this is the output Subject: Principal: user2 Principal: Roles(members:employee,manager) Thanks again View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3934815#3934815 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3934815 --- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642 ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security & JAAS/JBoss] - Re: How to get authenticated user's Subject from EJB
thanks, So I have to write Custom Login Module, I am new to JAAS, but i will try it thanks again, View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3934192#3934192 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3934192 --- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642 ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security & JAAS/JBoss] - Re: How to get authenticated user's Subject from EJB
I've been through this. http://www.jboss.com/index.html?module=bb&op=viewtopic&t=45724&postdays=0&postorder=asc&start=19 That's the final posting where I have it all working... It was a painful process which a lot of people also seem to have probs with. It is not well documented, and still, I feel inconsistent. The way that you MUST have an emopty security-domain entry in jboss.xml, and must put the @SecurityDomain("foo") annotation into every EJB. Weird. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3933983#3933983 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3933983 --- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642 ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security & JAAS/JBoss] - Re: How to get authenticated user's Subject from EJB
Thanks, but I am not able to get the Subject from EJB It is always returning null, but JSP code is perfectly returning Subject See the following code, and output the following is session bean's business method public String thanks() { | try { | Subject userSubject=(Subject)PolicyContext.getContext("javax.security.auth.Subject.container"); | if(userSubject!=null) | return userSubject.toString(); | else | return "save me"; | }catch(Exception e) { | throw new EJBException("thanks method got exception",e); | } | } the following is calling JSP <%@ page import="javax.naming.InitialContext, javax.rmi.PortableRemoteObject, javax.security.auth.Subject, javax.security.jacc.PolicyContext, prototypebeans.permission.*, prototype.QueryPermission" %> | <% | InitialContext ctxt=new InitialContext(); | PermissionManagerHome home=(PermissionManagerHome)PortableRemoteObject.narrow(ctxt.lookup("java:comp/env/ejb/PermissionManagerEJB"),PermissionManagerHome.class); | PermissionManager permissionManager=home.create(); | out.println("From EJB, "+permissionManager.thanks()); | Subject userSubject=(Subject)PolicyContext.getContext("javax.security.auth.Subject.container"); | out.println("From JSP, subject is "+userSubject); | %> The following is output i got >From EJB, save me | From JSP, subject is Subject: Principal: user1 Principal: Roles(members:admin) Did any one obtain Subject from EJB code? Please help me View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3933934#3933934 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3933934 --- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642 ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security & JAAS/JBoss] - Re: How to get authenticated user's Subject from EJB
Q9 http://wiki.jboss.org/wiki/Wiki.jsp?page=SecurityFAQ View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3933501#3933501 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3933501 --- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642 ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user