Hey all, I'm wondering why Subject.getSubject( AccessController.getContext() ) always returns null when used from within an EJB. I create the EJB using an InitialContext.
Properties p = new Properties(); p.put( Context.INITIAL_CONTEXT_FACTORY, "org.apache.openejb.client.LocalInitialContextFactory" ); p.put( "java.naming.security.principal", "joe" ); p.put( "java.naming.security.credentials", "cool" ); p.put( "openejb.authentication.realmName", "PropertiesLogin" ); InitialContext ctx = new InitialContext( p ); SecurityChainLetterLocal localBean = (SecurityChainLetterLocal) ctx.lookup( "SecurityChainLetterBeanLocal" ); What I'm trying to achieve is to store a token in either the UserPrincipal or Private Credentials of the subject that I can use to communicate with another system from my EJB. I can't obtain the subject using the above method because I think that AccessController.getContext() returns just the Default OpenEJB context. I also tried to access the principal using the SessionContext obtained using injection: @Resource public SessionContext sctx; Principal p = sctx.getCallerPrincipal(); System.out.println(p.getName()); This prints the name of my principal and when debugging I can see the principal (and the LoginContext and the subject) that tomcat has generated. I have configured JAAS Realm as the following in the server.xml <Realm appName="MyToken" className="org.apache.catalina.realm.JAASRealm" roleClassNames="com.my.GroupPrincipal" userClassNames="com.my.UserPrincipal"/> My problem is that the Principal "p" is org.apache.openejb.tomcat.catalina.TomcatSecurityService.TomcatUser which is a protected static class within the TomcatSecurityService so I am unable to obtain the GenericPrincipal that TomcatUser stores in the private variable tomcatPrincipal. I am using Tomcat 6.0 and openEJB 3.1.4. Any help would be appreciated. Thanks Ben -- View this message in context: http://openejb.979440.n4.nabble.com/The-subject-created-when-creating-a-remote-ejb-using-Tomcat-6-OpenEJB-tp3767387p3767387.html Sent from the OpenEJB User mailing list archive at Nabble.com.