tomee-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Blevins <david.blev...@visi.com>
Subject Re: EJB Design / Architecture
Date Tue, 07 Apr 2009 00:18:52 GMT
On Apr 6, 2009, at 4:03 AM, dojolava wrote:

> The main problem really might be that due to the fact that OpenEJB  
> does not
> return the UserPrincipal on getCallerPrincipal(), it is not possible  
> to
> determine the callers identity...

The code that selects the caller identity was purposely not tied  
directly to the UserPrincipal object used by the  
PropertiesLoginModule.  The primary reason was to ensure that other  
LoginModule implementations can be used -- say like in Tomcat where  
the Tomcat security realm code is used instead.  But, definitely it is  
unoptimal to have getCallerPrincipal not be predictable when using one  
of the JAAS LoginModules we provide.

To get around this and to hopefully provide a painless way for third- 
party login modules to better support getCallerPrincipal I added a new  
@CallerPrincipal annotation which can be used by JAAS login modules to  
flag a specific principal as the one that should be used.  Here's the  
JIRA:

  https://issues.apache.org/jira/browse/OPENEJB-1015

So this should be fixed now.  I've uploaded new snapshots you can try  
out:

   http://repository.apache.org/snapshots/org/apache/openejb/openejb-standalone/3.1.1-SNAPSHOT/openejb-standalone-3.1.1-20090407.001236-1.zip
   http://repository.apache.org/snapshots/org/apache/openejb/openejb-tomcat-webapp/3.1.1-SNAPSHOT/openejb-tomcat-webapp-3.1.1-20090407.001236-1.war

Let us know if this works how you'd like.

-David


Mime
View raw message