Win a copy of The Way of the Web Tester: A Beginner's Guide to Automating Tests this week in the Testing forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Switching Security Context with JAAS

Jay Sam
Posts: 27
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

this is my scenario:

1) client authenticates via JAAS
2) gets reference to stateful session EJB
3) calls some methods
4) at some point, client decides to re-authenticate, because he needs to call more privileged methods. So he authenticates as a more privileged user.
5) client calls methods on stateful session EJB with new, more privileged status

My questions:
a) will I be able to use the same EJB reference, although having switched security context by reauthenticating to JAAS ?
b) will state in the stateful session EJB still be bound to me, or will I have to transfer state to a new session EJB ?
c) do I - as authenticated user with JAAS, have to call every method on the EJB with the doAS(Subject, EJBHandle) syntax ?


  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic