Details
-
Bug
-
Resolution: Won't Do
-
Major
-
None
-
None
-
None
Description
I am trying to do a manual login in an EJB like the Servlet Request offers.
So far so good. I implemented the CallbackHandler:
public class PasswordCallbackHandler implements CallbackHandler {
private String username;
private char[] password;
public PasswordCallbackHandler(String username, char[] password)
{ super(); this.username = username; this.password = password; } public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException {
if(callbacks == null)
for (int i = 0; i < callbacks.length; i++) {
if (callbacks[i] instanceof NameCallback)
else if (callbacks[i] instanceof PasswordCallback)
{ PasswordCallback pc = (PasswordCallback) callbacks[i]; pc.setPassword(password); }else
{ throw new UnsupportedCallbackException(callbacks[i], "Unrecognized Callback"); } }
}
}
My Code:
PasswordCallbackHandler handler = new PasswordCallbackHandler("user", "password".toCharArray());
LoginContext context = new LoginContext("realm", handler);
context.login();
The subject shows:
Subject:
Principal: user
Principal: Roles(members:ADMIN,USER)
Principal: CallerPrincipal(members:user)
So the login itself worked. My Question now is what am I doing with it? When I fetch the current principal from the container I still receive anonymous. Tested on JBoss 7.1 and Wildfly.
@Resource
private SessionContext ctx;
Principal callerPrincipal = ctx.getCallerPrincipal();
if(callerPrincipal == null) {
return null;
}
String name = callerPrincipal.getName(); // Also after login() it returns anonymous.
So did I misunderstood this functionality or should the container set the principal to the user I logged in?