You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomee.apache.org by BenD <be...@baesystems.com> on 2011/08/25 07:36:00 UTC

The subject created when creating a remote ejb using Tomcat 6 & OpenEJB

Hey all,

I'm wondering why  Subject.getSubject( AccessController.getContext() )
always returns null when used from within an EJB. I create the EJB using an
InitialContext.

           Properties p = new Properties();
            p.put( Context.INITIAL_CONTEXT_FACTORY,
"org.apache.openejb.client.LocalInitialContextFactory" );
            p.put( "java.naming.security.principal", "joe" ); 
            p.put( "java.naming.security.credentials", "cool" );
            p.put( "openejb.authentication.realmName", "PropertiesLogin" );

            InitialContext ctx = new InitialContext( p );

            SecurityChainLetterLocal localBean = (SecurityChainLetterLocal)
ctx.lookup( "SecurityChainLetterBeanLocal" );


What I'm trying to achieve is to store a token in either the UserPrincipal
or Private Credentials of the subject that I can use to communicate with
another system from my EJB.

I can't obtain the subject using the above method because I think that
AccessController.getContext() returns just the Default OpenEJB context.

I also tried to access the principal using the SessionContext obtained using
injection:

@Resource
public SessionContext sctx;
Principal p = sctx.getCallerPrincipal();
System.out.println(p.getName());

This prints the name of my principal and when debugging I can see the
principal (and the LoginContext and the subject) that tomcat has generated.

I have configured JAAS Realm as the following in the server.xml 

<Realm appName="MyToken" 
className="org.apache.catalina.realm.JAASRealm" 
roleClassNames="com.my.GroupPrincipal" 
userClassNames="com.my.UserPrincipal"/>

My problem is that the Principal "p" is
org.apache.openejb.tomcat.catalina.TomcatSecurityService.TomcatUser
which is a protected static class within the TomcatSecurityService so I am
unable to obtain the GenericPrincipal that TomcatUser stores in the private
variable tomcatPrincipal.


I am using Tomcat 6.0 and openEJB 3.1.4.


Any help would be appreciated.

Thanks 
Ben

--
View this message in context: http://openejb.979440.n4.nabble.com/The-subject-created-when-creating-a-remote-ejb-using-Tomcat-6-OpenEJB-tp3767387p3767387.html
Sent from the OpenEJB User mailing list archive at Nabble.com.