users@glassfish.java.net

Custom prcnipal

From: <forums_at_java.net>
Date: Tue, 20 Sep 2011 07:31:36 -0500 (CDT)

Hi all,

I would like to have a clear answer about an issue that I'm sure impacts lots
of people.

I've implemented my own custom realm, and I would like to set some basic user
information inside the principal (language is one among others). As far as I
looked, there is no way to retreive the custom implementation of the
principal I set. Using the "ctx.getCallerPrincipal()" method from the EJB
context will always return the Glassfish implementation of the Principal.
Nevertheless, I've seen that the information is present in the security
context.

Is there any clean and easy way to retrieve the subject that I created?
I guess this is linked to issue :
http://java.net/jira/browse/GLASSFISH-3774. Any ideas on when it will be
fixed? To my opinion it is not a minor bug, rather major as a user is always
more than just a name and roles. Moreover, I'm still very surprised with the
behaviour of GF3 security. Even though I checked the "principal to role
mapping" option in the console, I still need to map each group/role one by
one in the sun-ejb-jar.xml when using @rollesAllowed.

Thanks in advance for your help.


--
[Message sent by forum member 'Roinou']
View Post: http://forums.java.net/node/844875