You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomee.apache.org by ereshgorantla <er...@gmail.com> on 2015/11/16 13:56:54 UTC
Bind login user to EJBContext using security filter using
java:comp/EJBContext
HI ,
We had an application which runs in WebLogic . we are migrating it to TOMEE
.
While in Weblogic we use to bind username to ejb in following way
https://docs.oracle.com/cd/E11035_01/wls100/security/thin_client.html#wp1035574
<https://docs.oracle.com/cd/E11035_01/wls100/security/thin_client.html#wp1035574>
Similarly I am trying to do for TomEE as well . But I found some issues with
this. I created a sample application which has programmatic approach for
realm.
web.xml:
Nothing much other than welcome file list as I used servlet3 annotation for
filters.
securityfilter-config.xml: Uploaded securityfilter-config.xml
<http://tomee-openejb.979440.n4.nabble.com/file/n4676793/securityfilter-config.xml>
SecurityRealm.java: SecurityRealm.java
<http://tomee-openejb.979440.n4.nabble.com/file/n4676793/SecurityRealm.java>
AuthenticationFilter.java: AuthenticationFilter.java
<http://tomee-openejb.979440.n4.nabble.com/file/n4676793/AuthenticationFilter.java>
HelloBean.java: HelloBean.java
<http://tomee-openejb.979440.n4.nabble.com/file/n4676793/HelloBean.java>
How to get user name as a result when we lookup for "java:conp/EJBContext"
--
View this message in context: http://tomee-openejb.979440.n4.nabble.com/Bind-login-user-to-EJBContext-using-security-filter-using-java-comp-EJBContext-tp4676793.html
Sent from the TomEE Dev mailing list archive at Nabble.com.
Re: Bind login user to EJBContext using security filter using
java:comp/EJBContext
Posted by ereshgorantla <er...@gmail.com>.
Ya sure my approach worked . Thanks
--
View this message in context: http://tomee-openejb.979440.n4.nabble.com/Bind-login-user-to-EJBContext-using-security-filter-using-java-comp-EJBContext-tp4676793p4676862.html
Sent from the TomEE Dev mailing list archive at Nabble.com.
Re: Bind login user to EJBContext using security filter using java:comp/EJBContext
Posted by Romain Manni-Bucau <rm...@gmail.com>.
Just do the exit method at the end. A quick way which should be done on the
fly is to wrap your realm in TomEERealm. Not sure how your setup skips it
since it is there OOTB normally.
Le 17 nov. 2015 05:24, "ereshgorantla" <er...@gmail.com> a écrit :
> Hi Romain ,
> Thanks for the reply we are not using JAASRealm we are using custom way.
> I found a way to get username in ejbcontext who is logged in .
>
> I used TomcatSecurityService to get it done.
>
> TomcatSecurityService ss = (TomcatSecurityService)
> SystemInstance.get().getComponent(SecurityService.class);
> ss.enterWebApp(realm, principal, login);
>
> If i do this I can able to get user in EJBContext . Is there any
> implications by doing so?
>
>
>
> --
> View this message in context:
> http://tomee-openejb.979440.n4.nabble.com/Bind-login-user-to-EJBContext-using-security-filter-using-java-comp-EJBContext-tp4676793p4676812.html
> Sent from the TomEE Dev mailing list archive at Nabble.com.
>
Re: Bind login user to EJBContext using security filter using
java:comp/EJBContext
Posted by ereshgorantla <er...@gmail.com>.
Hi Romain ,
Thanks for the reply we are not using JAASRealm we are using custom way.
I found a way to get username in ejbcontext who is logged in .
I used TomcatSecurityService to get it done.
TomcatSecurityService ss = (TomcatSecurityService)
SystemInstance.get().getComponent(SecurityService.class);
ss.enterWebApp(realm, principal, login);
If i do this I can able to get user in EJBContext . Is there any
implications by doing so?
--
View this message in context: http://tomee-openejb.979440.n4.nabble.com/Bind-login-user-to-EJBContext-using-security-filter-using-java-comp-EJBContext-tp4676793p4676812.html
Sent from the TomEE Dev mailing list archive at Nabble.com.
Re: Bind login user to EJBContext using security filter using java:comp/EJBContext
Posted by Romain Manni-Bucau <rm...@gmail.com>.
Hi
Quick check before digging: did you set up JAASRealm or jaas at all? This
is the way ejb get the principals.
Le 16 nov. 2015 05:14, "ereshgorantla" <er...@gmail.com> a écrit :
> HI ,
> We had an application which runs in WebLogic . we are migrating it to TOMEE
> .
> While in Weblogic we use to bind username to ejb in following way
>
> https://docs.oracle.com/cd/E11035_01/wls100/security/thin_client.html#wp1035574
> <
> https://docs.oracle.com/cd/E11035_01/wls100/security/thin_client.html#wp1035574
> >
>
> Similarly I am trying to do for TomEE as well . But I found some issues
> with
> this. I created a sample application which has programmatic approach for
> realm.
>
> web.xml:
> Nothing much other than welcome file list as I used servlet3 annotation for
> filters.
>
> securityfilter-config.xml: Uploaded securityfilter-config.xml
> <
> http://tomee-openejb.979440.n4.nabble.com/file/n4676793/securityfilter-config.xml
> >
>
> SecurityRealm.java: SecurityRealm.java
> <
> http://tomee-openejb.979440.n4.nabble.com/file/n4676793/SecurityRealm.java
> >
>
> AuthenticationFilter.java: AuthenticationFilter.java
> <
> http://tomee-openejb.979440.n4.nabble.com/file/n4676793/AuthenticationFilter.java
> >
>
> HelloBean.java: HelloBean.java
> <http://tomee-openejb.979440.n4.nabble.com/file/n4676793/HelloBean.java>
>
> How to get user name as a result when we lookup for "java:conp/EJBContext"
>
>
>
>
>
>
> --
> View this message in context:
> http://tomee-openejb.979440.n4.nabble.com/Bind-login-user-to-EJBContext-using-security-filter-using-java-comp-EJBContext-tp4676793.html
> Sent from the TomEE Dev mailing list archive at Nabble.com.
>