tomee-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Geoff Callender <>
Subject Re: How to propagate security context from Jetty to OpenEJB?
Date Sat, 30 Jan 2010 06:44:43 GMT

I've created a JettySecurityService and I guess my config (service-jar.xml
and openejb.xml) must be right because the class is being instantiated, and
it's successfully getting my Jetty server's UserRealm, and there are lots of
calls to 
    protected Subject getRunAsSubject(CoreDeploymentInfo
    public Set<String> getLogicalRoles(Principal[] principals, Set<String>

However, the argument callingDeploymentInfo is always null, and principals
is always the user "guest" and the group "guest".

These methods are never called:
    public UUID login(String realmName, String username, String password)
    private Subject createSubject(UserRealm realm, Principal principal)
    public Object enterWebApp(UserRealm realm, Principal principal, String

Is there something more I have to do in Jetty?

- Geoff

David Blevins wrote:
> On Jan 26, 2010, at 8:22 AM, Geoff Callender wrote:
>> This is pretty heartening.  Is there any doco or example of how to  
>> use TomcatSecurityService. Any config involved?
> There's nothing required above and beyond typical Tomcat usage, so no  
> config required and hence no doc.  There is a doc however on just the  
> basic plug points of the OpenEJB security service, which combined with  
> the Tomcat-specific security code should give a little insight as to  
> what is needed for an equivalent integration with Jetty's security  
> service.
> See the "PLUG POINTS" section:
> -David
View this message in context:
Sent from the OpenEJB User mailing list archive at

View raw message