EJB Authentication and Authorization

Question

EJB Authentication and Authorization

Is there a way to extend the authentication operation that connects the client application to the EJB using standard JAAS / container-based security? I am looking for a way to use more than just a username to authenticate a user (in this case a domain name is also required). Ideally, I would like to be able to use SessionContext.getCallerPrincipal () to access the username and domain name in EJB.

I use Glassfish, if that affects the answer at all. I need to create a user login module / user world and what should it do?

+4

java authentication glassfish ejb-3.0 jaas

Zecrates Oct 15 '09 at 14:39

source share

1 answer

Chris dail · Accepted Answer · 2009-11-05T13:58:34+0000

Adding authentication mechanisms to an EJB container is usually a vendor-specific task. I do not believe that there is a standard way to do this. However, for Glassfish, I believe this article will help you configure SAM (Serve Auth Module), which can handle authentication in any way that suits you. http://blogs.oracle.com/enterprisetechtips/entry/adding_authentication_mechanisms_to_the

Keep in mind that this is specific to Glassfish.

EJB Authentication and Authorization

More articles: