[jboss-user] [Security & JAAS/JBoss] - HTTP Auth & callerPrincipal

joshd do-not-reply at jboss.com
Thu Mar 6 06:37:46 EST 2008

I am quite new to jboss at all, and facing a problem with a login part of an app using ejb3 with SOA and a js-ajax web-client).

I have to use http-authentication and my LoginModule (extends UserNamePasswordModule) is working pretty fine so far. My LoginModule uses a session bean - my SecurityManager, to retrieve a User-Object for the name/password provided by the user through the http-auth-dialog. The name provided looks like "client/username". In my SecurityManager I split and process these infos and do my db-authenticaton (for this user an this client). And it works fine - for both LDAP and DB.

The problem for me now is, the the sessionContext.callerPrincipal gives me the user-provided string ("client/username") whereas I would need the name of user (Userobject.getname).
So how can I reach that? Do I have to set the caller somehow, when I changed the name after entering by the user?

thanks a lot,

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4134530#4134530

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4134530

More information about the jboss-user mailing list