Hi,
How do i use jersey client with a JAAS kind of authorization.
My set up is I have jersey resources wrapping EJBs which has JAAS security
in jboss 5.1 and i want to use jersey client(1.1.5) to hit them.
I can hit my services directly like this , and this is how my tests
currently work
Login login = new Login();
login.login("bootstrap", "bootpass", "127.0.0.1");
Subject subject = login.getSubject();
Subject.doAs(subject, new PrivilegedExceptionAction() {
public Object run() throws Exception {
// hit service directly with no problem .. The subject gets
passed in appropriately and the EJBs have no auth. problems.
}
however, after wrapping the services with resources, when i try the same
with my jersey client like this
Login login = new Login();
login.login("bootstrap", "bootpass", "127.0.0.1");
Subject subject = login.getSubject();
Subject.doAs(subject, new PrivilegedExceptionAction() {
public Object run() throws Exception {
WebResource webResource = new Client().resource(// some
local uri which inturn calls the EJB beans );
try {
* webResource.addFilter(new LoggingFilter());
ClientResponse resp = webResource.accept(
MediaType.APPLICATION_JSON)
.type(MediaType.APPLICATION_XML).get(
ClientResponse.class);*
}
}
i get a "Caller Unauthorized " error. Why isnt the jersey client not passing
the Subject ? if i add Cookie as header specifically then it works but i
dont want to keep logging in through the browser and inputting the
JSESSION_ID parameter every time, especially when these are regression tests
.If there is a way in which i can get the jsession_id programmatically then
i can consider that option as well.
Cheers
Vaidya