tomee-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Geoff Callender <>
Subject Re: How to propagate security context from Jetty to OpenEJB?
Date Sun, 31 Jan 2010 02:07:37 GMT

OK, I feel very lost now.  A quick summary: I'm trying to get OpenEJB to
receive the security context from Jetty so that the user is authenticated
once only, by the web container, at login. I've succeeded in receiving the
Principal but not the roles.

Apparently this has been solved for Tomcat to OpenEJB, and it involves
OpenEJBValve on the Tomcat side and TomcatSecurityService on the OpenEJB

What I've done is imitate OpenEJBValve by writing a Filter (I first tried a
SecurityHandler but had problems), and I've imitated TomcatSecurityService
by writing JettySecurityService. Their internals are almost identical to the
Tomcat counterparts.

Good result - my EJBs can now correctly get the Principal! Previously they
always thought the principal was "guest".

However, the roles are never passed, and I don't see a mechanism for it.
Neither is the login method JettySecurityService ever called.  

Can someone please, please enlighten me? Are there more bits to this puzzle? 

BTW, this is only for development use, not production, so it can cut corners
if that keeps it simple.


View this message in context:
Sent from the OpenEJB User mailing list archive at

View raw message