users@glassfish.java.net

Get user name group by AccessControlContext API / ServiceLifecycle

From: <glassfish_at_javadesktop.org>
Date: Tue, 06 Mar 2007 04:04:47 PST

Hi,

     i am a newbie about java web service, could anybody tell me,
for a web service secured by WSS, how can i distinguish the user name and group with
AccessControlContext API inside the web service method?

e.g. sample code:

>>>java.security.AccessControlContext context = >>>java.security.AccessController.getContext();
>>>javax.security.auth.Subject subj = javax.security.auth.Subject.getSubject(context);

>>>Set<Principal> s = subj.getPrincipals();

>>>for (Principal p : s)
>>>{
>>> System.out.println(p.getName());
>>>}

*****The problem is -----> the Set<Principal> contains both user name and user
*****role...how can i get the user name only?

beside the AccessControlContext api, i can use the ServiceLifecycle API:

sampel code:

>>>public class SecureService implements javax.xml.rpc.server.ServiceLifecycle
>>>{
>>>
>>>private javax.xml.rpc.server.ServletEndpointContext context;
>>>
>>>public void init(Object obj) throws javax.xml.rpc.ServiceException
>>>{
>>> context = (javax.xml.rpc.server.ServletEndpointContext)obj;
>>>}

>>>public String helloUser(String message) throws java.rmi.RemoteException
>>>{
>>> java.security.Principal principal = context.getUserPrincipal();
>>> if(principal == null)
>>> {
>>> throw new RuntimeException("Principal not found");
>>> }
>>> String userName = principal.getName();
>>> return "Hi "+userName+"! "+message;
>>>}
>>>public void destroy()
>>>{
>>> context = null;
>>>}
>>>}

*****Question: for using ServiceLifecycle, will there be concurrent access issue
*****(as the webservice is implemented as servlet...)????

thank you.
[Message sent by forum member 'imperfect' (imperfect)]

http://forums.java.net/jive/thread.jspa?messageID=206427