users@glassfish.java.net

Re: How to propagate JAAS principal using HTTP from within ACC?

From: KumarJayanti <v.b.kumar.jayanti_at_oracle.com>
Date: Thu, 23 Aug 2012 16:24:59 +0530

By ACC, did you mean the Appclient Container? If you have a seq diagram, that will help.

On Aug 23, 2012, at 3:02 PM, forums_at_java.net wrote:

> Our application consists of a JAX-RS resource calling a SLSB and a Swing
> client in ACC. Communication between client and server is done using HTTP
> (HttpUrlConnection). When starting Swing, JAAS asks for username and password
> (we enforce this by letting Swing directly invoke some SLSB method instead of
> using HTTP). While the application further runs, it invokes some HTTP methods
> (unauthenticated, as we have no security restrictions). In the end, the SB
> invokes getCallerPrincipal -- which returns "ANONYMOUS". Clearly the
> principal is not propagated from ACC to EJB container via JAX-RS. So here
> comes the million dollar question: How to tell ACC that it shall forward the
> principal in case the Swing client does HTTP calls? If this is not possible,
> then here is another question: We could provide a username as part of the
> HTTP call manually, but how to turn it into a principal on the SLSB side
> then? Thanks! Markus
>
> --
>
> [Message sent by forum member 'mkarg']
>
> View Post: http://forums.java.net/node/889477