You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomee.apache.org by André Zimmermann <zi...@gmail.com> on 2013/03/11 17:58:57 UTC

Re: tomcat/openejb security integration -> directions

Hi

I have the same problem with security context. You spoke about the updated
example

http://svn.apache.org/repos/asf/openejb/trunk/openejb/examples/cdi-ejbcontext-jaas/

Can you give me a correct link to it? Did you finally solved your problem?

Thanks André





--
View this message in context: http://openejb.979440.n4.nabble.com/tomcat-openejb-security-integration-directions-tp4656113p4661399.html
Sent from the OpenEJB Dev mailing list archive at Nabble.com.

Re: tomcat/openejb security integration -> directions

Posted by André Zimmermann <zi...@gmail.com>.

Thanks a lot for your help. I finally got it working.

Had to annotate the PrincipalEJB with @SessionScoped. It is also important,
that the EJB is a stateful bean.

@Stateful
@SessionScoped
public class PrinciaplEjb {
    @Resource
    private EJBContext context;

    public String info() {
        return context.getCallerPrincipal().getName();
    }
} 

>that's the way tomcat JAASRealm works (in fact this sentence is a little
>shortcut to say the relative hierarchy)

>basically if you create a session before the login it will work.

>here the login is called, there is no session so the principal is not
>cached in the session. 



--
View this message in context: http://openejb.979440.n4.nabble.com/tomcat-openejb-security-integration-directions-tp4656113p4661521.html
Sent from the OpenEJB Dev mailing list archive at Nabble.com.

Re: tomcat/openejb security integration -> directions

Posted by Romain Manni-Bucau <rm...@gmail.com>.

ok got it,

that's the way tomcat JAASRealm works (in fact this sentence is a little
shortcut to say the relative hierarchy)

basically if you create a session before the login it will work.

here the login is called, there is no session so the principal is not
cached in the session.

*Romain Manni-Bucau*
*Twitter: @rmannibucau <https://twitter.com/rmannibucau>*
*Blog: **http://rmannibucau.wordpress.com/*<http://rmannibucau.wordpress.com/>
*LinkedIn: **http://fr.linkedin.com/in/rmannibucau*
*Github: https://github.com/rmannibucau*



2013/3/13 Romain Manni-Bucau <rm...@gmail.com>

> sorry, my fault, gmail was hiding it
>
> *Romain Manni-Bucau*
> *Twitter: @rmannibucau <https://twitter.com/rmannibucau>*
> *Blog: **http://rmannibucau.wordpress.com/*<http://rmannibucau.wordpress.com/>
> *LinkedIn: **http://fr.linkedin.com/in/rmannibucau*
> *Github: https://github.com/rmannibucau*
>
>
>
> 2013/3/13 André Zimmermann <zi...@gmail.com>
>
>> I already shared the full example in a previous post from Mar 12, 2013;
>> 9:43am.
>>
>> I also described, how to use it.
>>
>> > please share the full sample ready to run
>>
>>
>>
>> --
>> View this message in context:
>> http://openejb.979440.n4.nabble.com/tomcat-openejb-security-integration-directions-tp4656113p4661493.html
>> Sent from the OpenEJB Dev mailing list archive at Nabble.com.
>>
>
>

Re: tomcat/openejb security integration -> directions

Posted by Romain Manni-Bucau <rm...@gmail.com>.

sorry, my fault, gmail was hiding it

*Romain Manni-Bucau*
*Twitter: @rmannibucau <https://twitter.com/rmannibucau>*
*Blog: **http://rmannibucau.wordpress.com/*<http://rmannibucau.wordpress.com/>
*LinkedIn: **http://fr.linkedin.com/in/rmannibucau*
*Github: https://github.com/rmannibucau*



2013/3/13 André Zimmermann <zi...@gmail.com>

> I already shared the full example in a previous post from Mar 12, 2013;
> 9:43am.
>
> I also described, how to use it.
>
> > please share the full sample ready to run
>
>
>
> --
> View this message in context:
> http://openejb.979440.n4.nabble.com/tomcat-openejb-security-integration-directions-tp4656113p4661493.html
> Sent from the OpenEJB Dev mailing list archive at Nabble.com.
>

Re: tomcat/openejb security integration -> directions

Posted by André Zimmermann <zi...@gmail.com>.

I already shared the full example in a previous post from Mar 12, 2013;
9:43am.

I also described, how to use it.

> please share the full sample ready to run 



--
View this message in context: http://openejb.979440.n4.nabble.com/tomcat-openejb-security-integration-directions-tp4656113p4661493.html
Sent from the OpenEJB Dev mailing list archive at Nabble.com.

Re: tomcat/openejb security integration -> directions

Posted by Romain Manni-Bucau <rm...@gmail.com>.

please share the full sample ready to run

*Romain Manni-Bucau*
*Twitter: @rmannibucau <https://twitter.com/rmannibucau>*
*Blog: **http://rmannibucau.wordpress.com/*<http://rmannibucau.wordpress.com/>
*LinkedIn: **http://fr.linkedin.com/in/rmannibucau*
*Github: https://github.com/rmannibucau*



2013/3/13 André Zimmermann <zi...@gmail.com>

> I added the InfoServlet which should return the previous logged in user.
>
> >what's your "extension"?
>
>
>
> --
> View this message in context:
> http://openejb.979440.n4.nabble.com/tomcat-openejb-security-integration-directions-tp4656113p4661486.html
> Sent from the OpenEJB Dev mailing list archive at Nabble.com.
>

Re: tomcat/openejb security integration -> directions

Posted by André Zimmermann <zi...@gmail.com>.

I added the InfoServlet which should return the previous logged in user.

>what's your "extension"? 



--
View this message in context: http://openejb.979440.n4.nabble.com/tomcat-openejb-security-integration-directions-tp4656113p4661486.html
Sent from the OpenEJB Dev mailing list archive at Nabble.com.

Re: tomcat/openejb security integration -> directions

Posted by Romain Manni-Bucau <rm...@gmail.com>.

what's your "extension"?

*Romain Manni-Bucau*
*Twitter: @rmannibucau <https://twitter.com/rmannibucau>*
*Blog: **http://rmannibucau.wordpress.com/*<http://rmannibucau.wordpress.com/>
*LinkedIn: **http://fr.linkedin.com/in/rmannibucau*
*Github: https://github.com/rmannibucau*



2013/3/12 André Zimmermann <zi...@gmail.com>

> Yes
>
> > you started it through maven tomee plugin?
>
>
>
> --
> View this message in context:
> http://openejb.979440.n4.nabble.com/tomcat-openejb-security-integration-directions-tp4656113p4661440.html
> Sent from the OpenEJB Dev mailing list archive at Nabble.com.
>

Re: tomcat/openejb security integration -> directions

Posted by André Zimmermann <zi...@gmail.com>.

Yes

> you started it through maven tomee plugin? 



--
View this message in context: http://openejb.979440.n4.nabble.com/tomcat-openejb-security-integration-directions-tp4656113p4661440.html
Sent from the OpenEJB Dev mailing list archive at Nabble.com.

Re: tomcat/openejb security integration -> directions

Posted by Romain Manni-Bucau <rm...@gmail.com>.

you started it through maven tomee plugin?

*Romain Manni-Bucau*
*Twitter: @rmannibucau <https://twitter.com/rmannibucau>*
*Blog: **http://rmannibucau.wordpress.com/*<http://rmannibucau.wordpress.com/>
*LinkedIn: **http://fr.linkedin.com/in/rmannibucau*
*Github: https://github.com/rmannibucau*



2013/3/12 André Zimmermann <zi...@gmail.com>

> In the following example, i extended the cdi-ejbcontext-jaas example and
> added a second service call.
>
> 1) First you can login with the existing service.
>
>
> http://localhost:8080/cdi-ejbcontext-jaas/ejbcontext?myUser=tomee&myPass=tomee
>
> 2) You can call the second service. I expect tomee as result but guest is
> returned.
>
> http://localhost:8080/cdi-ejbcontext-jaas/ejbcontextinfo
>
> cdi-ejbcontext-jaas.zip
> <http://openejb.979440.n4.nabble.com/file/n4661427/cdi-ejbcontext-jaas.zip
> >
>
> What is missing in that example?
>
> Thanks a lot for your help
>
>
>
> --
> View this message in context:
> http://openejb.979440.n4.nabble.com/tomcat-openejb-security-integration-directions-tp4656113p4661427.html
> Sent from the OpenEJB Dev mailing list archive at Nabble.com.
>

Re: tomcat/openejb security integration -> directions

Posted by André Zimmermann <zi...@gmail.com>.

In the following example, i extended the cdi-ejbcontext-jaas example and
added a second service call.

1) First you can login with the existing service.

http://localhost:8080/cdi-ejbcontext-jaas/ejbcontext?myUser=tomee&myPass=tomee

2) You can call the second service. I expect tomee as result but guest is
returned.

http://localhost:8080/cdi-ejbcontext-jaas/ejbcontextinfo

cdi-ejbcontext-jaas.zip
<http://openejb.979440.n4.nabble.com/file/n4661427/cdi-ejbcontext-jaas.zip>  

What is missing in that example?

Thanks a lot for your help



--
View this message in context: http://openejb.979440.n4.nabble.com/tomcat-openejb-security-integration-directions-tp4656113p4661427.html
Sent from the OpenEJB Dev mailing list archive at Nabble.com.

Re: tomcat/openejb security integration -> directions

Posted by Romain Manni-Bucau <rm...@gmail.com>.

basically openejb/trunk/openejb is now tomee/tomee/trunk

*Romain Manni-Bucau*
*Twitter: @rmannibucau <https://twitter.com/rmannibucau>*
*Blog: **http://rmannibucau.wordpress.com/*<http://rmannibucau.wordpress.com/>
*LinkedIn: **http://fr.linkedin.com/in/rmannibucau*
*Github: https://github.com/rmannibucau*



2013/3/11 André Zimmermann <zi...@gmail.com>

> Hi
>
> I have the same problem with security context. You spoke about the updated
> example
>
>
> http://svn.apache.org/repos/asf/openejb/trunk/openejb/examples/cdi-ejbcontext-jaas/
>
> Can you give me a correct link to it? Did you finally solved your problem?
>
> Thanks André
>
>
>
>
>
> --
> View this message in context:
> http://openejb.979440.n4.nabble.com/tomcat-openejb-security-integration-directions-tp4656113p4661399.html
> Sent from the OpenEJB Dev mailing list archive at Nabble.com.
>