[jboss-user] [Security] - Re: How to set EJBContext callerPrincipal from LoginModule?

hosier.david do-not-reply at jboss.com
Mon Aug 24 19:28:45 EDT 2009

I got this idea from the FAQ that is listed in the sticky post at the top of this forum, and it worked for me.  This idea presumes that the recommendation is followed to create a CallerPrincipal group in getRoleSets() and add your custom principal as a member of that group.

  |     	Principal callerPrincipal = null;
  |     	try {
  |     		Subject caller = (Subject) PolicyContext.getContext("javax.security.auth.Subject.container");
  |     		for (Principal p : caller.getPrincipals()) {
  |     			if (p.getName().equals("CallerPrincipal")) {
  |     				Group g = (Group)p;
  |     				callerPrincipal = g.members().nextElement();
  |     			}
  |     		}
  |     	} catch (Exception e) {
  |     		log.error("Error accessing Subject", e);
  |     	}

Obviously the code could be enhanced to recognize whatever groups you might use or to check the Principal type instead of just assuming there is one principal in a specific group.

View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4251329#4251329

Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4251329

More information about the jboss-user mailing list