This week's book giveaway is in the Jython/Python forum.
We're giving away four copies of Murach's Python Programming and have Michael Urban and Joel Murach on-line!
See this thread for details.
Win a copy of Murach's Python Programming this week in the Jython/Python forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Switching Security Context with JAAS  RSS feed

Jay Sam
Posts: 27
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

this is my scenario:

1) client authenticates via JAAS
2) gets reference to stateful session EJB
3) calls some methods
4) at some point, client decides to re-authenticate, because he needs to call more privileged methods. So he authenticates as a more privileged user.
5) client calls methods on stateful session EJB with new, more privileged status

My questions:
a) will I be able to use the same EJB reference, although having switched security context by reauthenticating to JAAS ?
b) will state in the stateful session EJB still be bound to me, or will I have to transfer state to a new session EJB ?
c) do I - as authenticated user with JAAS, have to call every method on the EJB with the doAS(Subject, EJBHandle) syntax ?


It is sorta covered in the JavaRanch Style Guide.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!