Skip to Main Content
Forums

Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Securing SunOne EJB

843811Jul 14 2003 — edited Nov 10 2003
Hi,

I'm using SunONE platform to deploy my EJBs. These EJBs will be accessed by Weblogic based Web application. I want to secure my EJBs so that any JNDI lookup to retrienve the home interface must pass PRINCIPAL and CREDENTIAL validation. But "getCallerPrincipal" seems to return ANONYMOUS all the time. I tried defining groups, roles but no LUCK. Here is the code snippet,

env.put ("java.naming.factory.initial","com.sun.jndi.cosnaming.CNCtxFactory");
env.put("java.naming.provider.url", url);
env.put(Context.SECURITY_PRINCIPAL, "bob");
env.put(Context.SECURITY_CREDENTIALS, "bobx");

Am I doing it right?
Comments
Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on Dec 8 2003
Added on Jul 14 2003
#other-security-apis-tools-and-issues
1 comment
116 views