This week's book giveaway is in the Kotlin forum.
We're giving away four copies of Kotlin in Action and have Dmitry Jemerov & Svetlana Isakova on-line!
See this thread for details.
Win a copy of Kotlin in Action this week in the Kotlin forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Can an EJB do a JNDI lookup using different credentials from the user?  RSS feed

 
Yuriy Zilbergleyt
Ranch Hand
Posts: 429
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello,

I've got a two part question here.

1. If an SessionBean needs to have access to a ConnectioPool that the caller of the bean must not be able to use, can the bean do a JNDI lookup providing different SECURITY_PRINCIPAL and SECURITY_CREDENTIALS from the caller, without messing up the caller's context?

2. If #1 is possible, is there a way to let the SessionBean know what those credentials are without having them as plain text on the server or hardcoding them into the Java code?

Thank you,
Yuriy
 
Frank Ertl
Ranch Hand
Posts: 59
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello,

I think this is possible. You can do something like
Hashtable props = new Properties();
props.put(InitialContext.INITIAL_CONTEXT_FACTORY
,"weblogic.jndi.WLInitialContextFactory");
props.put(InitialContext.SECURITY_PRINCIPAL, "privilegedPrincipal");
props.put(InitialContext.SECURITY_CREDENTIALS, "secretPasswort");
InitialContext ic = new InitialContext(props);

If you don't want to have the credentials in plain text you could do a database lookup or use some encryption and put the obtained values in the properties instead of "privilegedPrincipal" and "secretPassword".

Frank
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!