在ejb方法中访问客户端主体 [英] Accessing the clients principal inside an ejb method
问题描述
我需要在ejb方法内访问客户端主体(用户名).我不想将其添加为参数.尝试将它们添加到诸如
I need to access the clients principal (username ) inside a ejb method. I don't want to add it as a parameter. Tryed adding them to Context object like ;
prop.add(Context.SECURITY_AUTHENTICATION,"user")
prop.add(Context.SECURITY_CREDENTIALS,"pass")
,但是尝试像这样在方法内部访问它们;@资源私有SessionContext ctx;
but trying to access them inside the method like; @Resource private SessionContext ctx;
public void someMethod() {
Principal principal = ctx.getCallerPrincipal();
//returns anonymous
仍然给我讨厌的用户.
正在使用weblogic,有没有指针?
Working on weblogic, any pointers ?
谢谢
推荐答案
类似的问题...我正在使用客户端证书以及自定义的UserNameMapper进行测试.我的UserNameMapper返回"steve",但是EJB中的主体返回了< anonymous>"
,直到我通过控制台添加了一个"steve"用户.
Similar issue...I am testing with a client cert along with a custom UserNameMapper. My UserNameMapper returns "steve", but the principal within the EJB was returning "<anonymous>"
until I added a "steve" user via the console.
Environment env = new Environment();
env.setInitialContextFactory(Environment.DEFAULT_INITIAL_CONTEXT_FACTORY);
// env.setSecurityPrincipal("user");
// env.setSecurityCredentials("pass");
env.setProviderUrl("t3s://localhost:7002");
InputStream key = new PEMInputStream(new FileInputStream(CERT_KEYFILE));
InputStream cert = new PEMInputStream(new FileInputStream(CERT_CERTFILE));
env.setSSLClientCertificate(new InputStream[] {key, cert});
env.setSSLClientKeyPassword(CERT_KEYPASSWORD);
将JAAS客户端与UsernamePasswordLoginModule一起使用时出现相同的问题.通过在PrivilegedAction的InitialContext查找中设置用户名/密码来修复.EJB将后者作为主体,因为它可以是不同的用户名/密码.
Same issue when using a JAAS client with the UsernamePasswordLoginModule. Fixed by setting the username/password within the InitialContext lookup within the PrivilegedAction. The EJB references the latter as the principal as it can be a different username/password.
这篇关于在ejb方法中访问客户端主体的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!