问题
I'm trying to run code within JBoss Container under a different authentication by programatically logging in a user like that (stripped exception handling):
LoginContext ctx = ctx =
new LoginContext("MyLoginSchema",
new UsernamePasswordCallbackHandler("newuser", "")
);
ctx.login();
Subject.doAs(ctx.getSubject(), new PrivilegedAction<T>() {
@Override
public T run() {
Subject.getSubject(AccessController.getContext());
InitialContext ic = new InitialContext();
EJBContext sctxLookup = (EJBContext) ic.lookup("java:comp/EJBContext");
Principal principal = sctxLookup.getCallerPrincipal();
}
});
Login of newuser works (Call of LoginModule was successful) but Subject.doAs() doesn't associate the new Subject with the EJBContext. The code in the run()-Method still fetches the old user's principal from EJBContext.
I tested another method of retrieving the logged in user but same behavior here:
Subject caller = (Subject) PolicyContext.getContext("javax.security.auth.Subject.container");
Any ideas?
回答1:
Which LoginModule do you use now? In JBoss 6.1 you had to use ClientLoginModule to authenticate in container.
回答2:
My understanding is this is currently not supported by JBoss AS 7.1. See this thread
Edit
What I wrote here is wrong, the thread only applies to client side login (outside of a JBoss).
来源:https://stackoverflow.com/questions/12779566/login-a-user-programmatically-via-jaas