tomee-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "RAMM, David" <>
Subject RE: security and multiple EJB servers
Date Tue, 19 Apr 2011 02:16:07 GMT
OpenEJB users,

I have a question in relation to security and EJBs on multiple servers and hope someone might
be able to provide some help.

I have a client application and two EJB servers.

The client application is able to use the EJB located on the first OpenEJB server. Snippet
of code for the client application:

Properties props = new Properties();

props.put(Context.SECURITY_PRINCIPAL, "username");
props.put(Context.SECURITY_CREDENTIALS, "password");

Context ctx = new InitialContext(props);
Calculator h = (Calculator)ctx.lookup("CalculatorBean");

double result = h.add(1.0, 2.0);
System.out.println("ans: " + result);

The user is successfully authenticated. I can also see the username within the first EJB using:

SessionContext sContext;
System.out.println("CalculatorImpl: Session Context, Principle, Name: " + sContext.getCallerPrincipal().getName());

What I'd like to do is within this first EJB use another EJB on another OpenEJB server using
the same credentials. A PROVIDER_URL to the second OpenEJB server needs to be supplied somewhere.

I've looked at creating a new InitialContext within the first EJB so the PROVIDER_URL can
be specified but I lose the other context information, e.g. the credentials.
I've looked at what the SessionContext object in the first EJB offers but it doesn't seem
to be anything that will help.

Any help or hints would be greatly appreciated.


David Ramm
Senior Computer Systems Engineer
BAE Systems Australia
3 Second Avenue
Phone +61 (0)8 8300 4879
Fax +61 (0)8 8300 4510
Mobile +61 (0)417 842 985

The information contained in this email and any attached files is
confidential to BAE Systems Australia. If you are not the intended
recipient, any use, disclosure or copying of this email or any
attachments is expressly prohibited.  If you have received this email
in error, please notify us immediately. VIRUS: Every care has been
taken to ensure this email and its attachments are virus free,
however, any loss or damage incurred in using this email is not the
sender's responsibility.  It is your responsibility to ensure virus
checks are completed before installing any data sent in this email to
your computer."

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message