如何手动设置/传播安全上下文信息，例如JBoss 7的负责人(超过JBoss远程处理2) [英] How to manually set/propagate security context information e.g. Principal for JBoss 7 (over JBoss remoting 2)

问题描述

我正在使用jboss远程处理2.5.4.SP3从Web应用程序和其他JBoss实例提供对JBoss 7.1服务器中EJB的远程访问.由于JBoss 7.1中的远程EJB访问存在问题，特别是(但不仅限于)无法同时访问多台服务器上的同一(接口Bean)，因此我正在手动执行此操作.我正在使用remoting2，因为remoting3没有文档.

I'm using jboss remoting 2.5.4.SP3 to provide remote access to EJBs in a JBoss 7.1 server from both a web app and other JBoss instances. I'm doing it manually because of issues with remote EJB access in JBoss 7.1, specifically (but not only) the inability to access the same (interface) bean on multiple servers simultaneously. I'm using remoting2 because remoting3 has no documentation.

我通过套接字传输使用TransporterHandle/TransporterClient进行远程处理，但是在通过此远程连接调用的方法中，服务器希望从ejbContext中查找主体.我找不到手动设置主体或其他上下文安全性/身份信息的方法.达到极限时，我很乐意在调用ejb方法时设置主体(所有传入的调用都针对本地EJB3 Bean)，或者甚至专门针对EJBContext进行设置.

I have remoting working using TransporterHandle/TransporterClient using the socket transport, but in methods called via this remote connection, the server wants to lookup the principal from the ejbContext. I can't find a way to manually set the principal, or other contextual security/identity information. At the limit I'd be happy just to set the principal when the ejb method is invoked - all incoming calls are to local EJB3 beans - or even to set it specifically for the EJBContext.

我已经找到了很多有关Spring的信息(我没有使用)，但是似乎没有任何内容与我的具体情况相符.

I've found a lot of information regarding Spring (which I'm not using), but nothing seems to match my particular context.

推荐答案

现在，执行此操作的正确方法是:

And now, the correct way to do this:

在客户端，我获得了安全上下文并打包了安全域和主题信息，以将其与调用一起传输到服务器. SecurityDomain是一个字符串，SubjectInfo是可序列化的:

On the client side I get the security context and package up the security domain and subject info for transport to the server along with the invocation. The SecurityDomain is a String and SubjectInfo is serializable:

Map m = new HashMap();
SecurityContext securityContext = SecurityContextAssociation.getSecurityContext();
if (securityContext != null) {
    m.put("SUBJECT-INFO", securityContext.getSubjectInfo());
    m.put("SECURITY-DOMAIN", securityContext.getSecurityDomain());
}
response = remotingClient.invoke(request, m);

通过调用jboss远程处理发送映射m.在服务器端，我提取安全信息并像这样设置调用的上下文:

The map m gets sent with the invocation over jboss remoting. On the server side, I extract the security information and set the context for the invocation like this:

SecurityContext oldContext = SecurityContextAssociation.getSecurityContext();
SubjectInfo si = (SubjectInfo) invocation.getRequestPayload().get("SUBJECT-INFO");
String domain = (String) invocation.getRequestPayload().get("SECURITY-DOMAIN");
if (si != null) {
    SecurityContext sc = new JBossSecurityContext(domain);
    sc.setSubjectInfo(si);
    SecurityContextAssociation.setSecurityContext(sc);
}
try {
    return super.invoke(invocation);
} finally {
    SecurityContextAssociation.setSecurityContext(oldContext);
}

像魅力一样工作！

这篇关于如何手动设置/传播安全上下文信息，例如JBoss 7的负责人(超过JBoss远程处理2)的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！