Trouble obtaining JAAS login context from within EJB
Hello,
I'm currently developing an enterprise application which comprises a servlet and an EJB for Geronimo 2.1, and I have secured the EJB with a security realm configured to authenticate against a SQLLoginModule. I'm confident that this is authenticating correctly as I have done negative and positive testing.
I'm testing my EJB by connecting to it from a servlet as follows:
    CallbackHandler handler = new UserIdPasswordCallbackHandler(user, password);
    LoginContext ctx = new LoginContext("SecurityRealm", handler);
    ctx.login();
This succeeds when supplied with the correct credentials and throws exceptions with invalid credentials.
I obtain a reference to the remote interface as follows:
    Properties prop = new Properties();
    prop.put(Context.INITIAL_CONTEXT_FACTORY, "org.apache.openejb.client.RemoteInitialContextFactory");
    prop.put("java.naming.provider.url", "ejbd://localhost:4201");
    Context context = new InitialContext(prop);
    Object o = context.lookup("SessionManagerBeanRemote");
    SessionManagerRemote remote = (SessionManagerRemote) o;
This works correctly, as I am able to call my remote EJB methods!
Now, the piece I am missing is that I need to be able to obtain the current Subject that was authenticated, i.e. I need to know the identity of the user that has been authenticated to use this EJB and is invoking it. So if joe was authenticated to use the SessionManager, I need to be able to obtain joe's login name.
I believe if I was within a web container I'd be able to use the equivalent of HttpServletRequest.getUserPrincipal(). Can someone point me to a reference, a decently documented example or something that will tell me what API I need to use? I'm happy to do some reading, but I've looked around quite a bit and I think I might be missing something. There doesn't seem to be a clear reference to this in the standard Geronimo documentation, only some light discussion for web containers.
Thanks in advance!
-Keith
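
For reference, the standard EJB 3.0 counterpart of HttpServletRequest.getUserPrincipal() is EJBContext.getCallerPrincipal(), shown here as an added example that is not part of the original post. The bean, interface, method and role names are hypothetical; only the javax.ejb and javax.annotation calls are the standard API.

```java
import java.security.Principal;
import javax.annotation.Resource;
import javax.annotation.security.DeclareRoles;
import javax.ejb.EJBAccessException;
import javax.ejb.Remote;
import javax.ejb.SessionContext;
import javax.ejb.Stateless;

// Hypothetical remote interface, named for this example only. It is
// package-private so the example fits in one file; in a real project it
// would be public and live in its own file.
@Remote
interface CallerAwareRemote {
    String currentLogin();
    void closeSessionOf(String ownerLogin);
}

@Stateless
@DeclareRoles("admin") // hypothetical role; must be mapped in the deployment plan
public class CallerAwareBean implements CallerAwareRemote {

    // Injected by the container; carries the security context of the current call.
    @Resource
    private SessionContext sessionContext;

    // Login name of the caller as established by the container's security realm.
    public String currentLogin() {
        Principal caller = sessionContext.getCallerPrincipal(); // never null per the EJB spec
        return caller.getName();
    }

    // Authorize against the container's view of the caller, never against a
    // user name the client passes in as an ordinary argument.
    public void closeSessionOf(String ownerLogin) {
        String caller = currentLogin();
        boolean isOwner = caller.equals(ownerLogin);
        if (!isOwner && !sessionContext.isCallerInRole("admin")) {
            throw new EJBAccessException(caller + " may not close the session of " + ownerLogin);
        }
        // ... application logic to close the session goes here (not shown on the page)
    }
}
```

This covers only the bean side. Whether the identity from the servlet-side LoginContext reaches the remote call depends on how the client connection and the container are configured, so an unauthenticated call may yield the container's anonymous principal rather than the expected login name.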