Geek asks and answers

How to manually set / distribute security context information, for example. Principal for JBoss 7 (via JBoss remoting 2)

I am using jboss remoting 2.5.4.SP3 to provide remote access to EJB on a JBoss 7.1 server both from a web application and from other JBoss instances. I do this manually because of problems with remote access of EJB in JBoss 7.1, in particular (but not only) the inability to access the same interface (w810) on several servers at the same time. I use remoting2 because remoting3 has no documentation.

I am removing work using TransporterHandle / TransporterClient using socket transfer, but in the methods called through this remote connection, the server wants to find the principal from ejbContext. I cannot find a way to manually set basic or other contextual security / authentication information. At the limit, I would be happy to just set the principal when calling the ejb method - all incoming calls will be local EJB3 beans - or even to configure it specifically for EJBContext.

I found a lot of information about Spring (which I do not use), but nothing similar matches my specific context.

+3
source share
3 answers

And now, the right way to do this is:

. SecurityDomain - String, SubjectInfo :

Map m = new HashMap();
SecurityContext securityContext = SecurityContextAssociation.getSecurityContext();
if (securityContext != null) {
    m.put("SUBJECT-INFO", securityContext.getSubjectInfo());
    m.put("SECURITY-DOMAIN", securityContext.getSecurityDomain());
}
response = remotingClient.invoke(request, m);

m jboss. :

SecurityContext oldContext = SecurityContextAssociation.getSecurityContext();
SubjectInfo si = (SubjectInfo) invocation.getRequestPayload().get("SUBJECT-INFO");
String domain = (String) invocation.getRequestPayload().get("SECURITY-DOMAIN");
if (si != null) {
    SecurityContext sc = new JBossSecurityContext(domain);
    sc.setSubjectInfo(si);
    SecurityContextAssociation.setSecurityContext(sc);
}
try {
    return super.invoke(invocation);
} finally {
    SecurityContextAssociation.setSecurityContext(oldContext);
}

!

+1

, , .

, request.getUserPrincipal . , EE, , . , , JBoss Remoting , . TransporterClient, , . , ( ). . , EJBContext.getCallerPrincipal, , (, EJB), , . , - , .

All in all, a much more specialized solution than I had hoped for and it does not shed light on how I can spread the general context in JBoss 7.1 wiring.

0
source

More articles:


All Articles