Right, after some messing around with JMX in general (outside of GF) and the help of Daniel Fuchs (tnx!) I think I have found a way. The following will NOT work:
1.) The pure JMX way of doing it via Java Security with the AccessControllerContext:
Subject s = Subject.getSubject(AccessController.getContext());
The returned subject is null. So that's a no-go. BTW, this would most likely work if you were to use your own JMXConnectorServer, connect it to the default MBeanServer and use a custom JMXAuthenticator, but really we want to use the same connection that GF gives us, plus of course we want to use the GF authorization.
2.) Use the principal returned from the SecurityContext, as outlined in my question:
com.sun.enterprise.security.SecurityContext sc = SecurityContext.getCurrent();
Principal p = sc.getCallerPrincipal();
Returns ANONYMOUS, no good.
Now...for the fun of it, I retrieved the Subject from the SecurityContext and did a toString on it...and suddenly my username shows up! So a few lines later I can retrieve my principal:
com.sun.enterprise.security.SecurityContext sc = SecurityContext.getCurrent();
Subject s = sc.getSubject();
Set<Principal> ps = s.getPrincipals();
for(Principal p : ps){
...etc...
}
Funny thing though is that I get back two principals, one being the user I supplied inside JConsole, the other one being "asadmin". But at least I get the username I was looking for, so happy days!
// M.
[Message sent by forum member 'markhollmann' (markhollmann)]
http://forums.java.net/jive/thread.jspa?messageID=285976