[jboss-user] [Security & JAAS/JBoss] - Custom Interceptor & Reading Principal for MDB's
steff517
do-not-reply at jboss.com
Fri Aug 14 10:49:16 EDT 2009
Hi,
I have a problem with JBoss security. I implemented an interceptor in which I need to read the current principal. This basically works very well, I get the subject using the following code:
1. (Subject) PolicyContext.getContext("javax.security.auth.Subject.container")
The problem occurs when I have a Message Driven Bean which is annotated with @RunAs("SYSTEM"). The code above always returns null. I also tried the following code, to read the subject.
Subject.getSubject(AccessController.getContext());
and also reading from the sessionContext
sctx.getCallerPrincipal()
With all this, I didn't have success. I saw in the JBoss sources that the RunAsIdentity is sort of a special treatment which is read by the SecurityInterceptor like this:
SecurityActions.peekRunAsIdentity()
But calling this is not possible for me due to security restricitons and I think it's also not meant to be read like this.
Does anybody have an idea what is the correct way to read the subject and principal in this case?
Thanks!
stefan
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4249663#4249663
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4249663
More information about the jboss-user
mailing list