[jboss-user] [Security] - Re: Authentication succeeded, getCallerPrincipal()=anonymous
zour
do-not-reply at jboss.com
Thu Oct 29 11:23:31 EDT 2009
> How does your client access your secured app?
FarmerBeanRemote farmerBean = UserSession.getInstance(getShell().getDisplay()).getMasterDataServices().locateFarmerBean();
| try {
| farmerBean.setAnything(this.actor, id);
| } catch (Exception ex) {
| throw new RuntimeException(ex);
| }
Obtaining of RAP client's user session:
public static UserSession getInstance(Display display) {
| return SessionAccessRunner.getUserSession(display);
| }
Bean lookup:
public FarmerBeanRemote locateFarmerBean() {
| try {
| Object objRef = getInitialContext().lookup(FARMER_BEAN);
| return (FarmerBeanRemote) PortableRemoteObject.narrow(objRef, FarmerBeanRemote.class);
| } catch (Exception ex) {
| throw new RuntimeException("Failed to lookup FarmerBean: " + ex.getMessage(), ex);
| }
| }
The lookup does work, as well as using methods from that bean.
Yet the injected SessionContext isn't aware of the login process.
> Is it a standalone application client
It is a RAP-Client (Rich Ajax Platform) deployed to JBoss. Practically it's running inside a JVM on the server. But any UI elements are rendered in an internet browser (using qooxdoo Javascript-Engine). It's RCP for the web browser.
> Is some servlet/website/web service called?
As far as I understand, a component called ServletBridge does this:
"org.eclipse.equinox.servletbridge.http:
Hooks back into the servlet bridge and proxies requests through to the servlet container to provide an OSGi Http Service."
> How does the client log in?
Via a webpage (login.html) before the RAP-Application starts, see web.xml above.
Maybe this isn't all about JBoss Security, but has something to do with how RAP handles requests, as I found here:
http://dev.eclipse.org/newslists/news.eclipse.technology.equinox/msg04603.html
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4263004#4263004
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4263004
More information about the jboss-user
mailing list