[wildfly-dev] How to set an authorized identity to EltyronSecurity Context

Alessio Soldano asoldano at redhat.com
Wed May 30 05:27:20 EDT 2018


As suggested by Darran, I'm forwarding the message below to the list on
behalf of Jim.
The classes Jim is referring to are at
https://github.com/wildfly/wildfly/tree/master/webservices/server-integration/src/main/java/org/jboss/as/webservices/security


---------- Forwarded message ----------
From: Jim Ma <ema at redhat.com>
Date: Wed, May 30, 2018 at 9:03 AM
Subject: Set an authorized identity to EltyronSecurity Context
To: Darran Lofthouse <darran.lofthouse at redhat.com>
Cc: Alessio Soldano <asoldano at redhat.com>


Hi Darran,

We are helping look at a customer issue which requires propagate the
authenticated subject from webservice subsystem to

ejb subystem. With old security domain , we can do this with creating a
subject :

    @Override
    public void pushSubjectContext(final Subject subject, final Principal
principal, final Object credential) {
        AccessController.doPrivileged(new PrivilegedAction<Void>() {

            public Void run() {
                SecurityContext securityContext =
SecurityContextAssociation.getSecurityContext();
                if (securityContext == null) {
                    securityContext = createSecurityContext(getSecur
ityDomain());
setSecurityContextOnAssociation(securityContext);
                }
securityContext.getUtil().createSubjectInfo(principal, credential, subject);
                return null;
            }
        });
    }


After Elytron,  what is the equivalent thing to do this  then ejb can
retrieve this security without check this twice ?

Thanks,

Jim




-- 

Alessio Soldano

Associate Manager

Red Hat

<https://www.redhat.com>
<https://red.ht/sig>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/wildfly-dev/attachments/20180530/888ab513/attachment-0001.html 


More information about the wildfly-dev mailing list