Description
To programmatically change the currently active subject, at the moment you have to use the following Geronimo-proprietary code:
ContextManager.registerSubject(subject);
Callers oldCallers = ContextManager.pushNextCaller(subject);
try
{
    // secure code
}
finally
{
    ContextManager.popCallers(oldCallers);
}
(see http://www.nabble.com/NPE-in-ContextManager.getCurrentContext-ts24645453s134.html)
There should be a simpler API (less Geronimo-dependent code), analogous to javax.security.auth.Subject.doAs()
(http://java.sun.com/javase/6/docs/api/javax/security/auth/Subject.html#doAs%28javax.security.auth.Subject,%20java.security.PrivilegedExceptionAction%29)
Subject.doAs() itself cannot be used; see http://publib.boulder.ibm.com/infocenter/wasinfo/v5r1//index.jsp?topic=/com.ibm.websphere.base.doc/info/aes/ae/rsec_jaasauthor.html
and http://www.nabble.com/security-propagation-from-JAAS-context-to-EJB-question-ts24091806s134.html
An API for Assumed Identity (run-as) support could be implemented like
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import javax.security.auth.Subject;
import org.apache.geronimo.security.Callers;
import org.apache.geronimo.security.ContextManager;

public <T> T doAs(Subject subject, PrivilegedExceptionAction<T> action)
    throws PrivilegedActionException
{
    T t = null;
    ContextManager.registerSubject(subject);
    Callers oldCallers = ContextManager.pushNextCaller(subject);
    try
    {
        // run the action with subject as the current caller
        t = action.run();
    }
    catch (Exception e)
    {
        throw new PrivilegedActionException(e);
    }
    finally
    {
        // always restore the previous caller, even if the action fails
        ContextManager.popCallers(oldCallers);
    }
    return t;
}
This code could be put into a method of ContextManager or into a new class org.apache.geronimo.security.Security.
This would still create a non-portable dependency on Geronimo in user code.
You would use it like
LoginContext lc = new LoginContext("geronimo-admin", handler);
lc.login();
Subject subject = lc.getSubject();
String s = doAs(subject, new PrivilegedExceptionAction<String>()
{
    public String run() throws Exception
    {
        // secure code
        return null; // placeholder: return the result of the secure code
    }
});
This would be analogous to similar APIs in WebLogic Server or WebSphere AS.
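As an added example (not code from this issue or from the Geronimo project), here is a fuller version of the proposed helper that follows the exception contract of javax.security.auth.Subject.doAs (unchecked exceptions propagate unchanged, checked ones are wrapped in PrivilegedActionException) and adds an overload for PrivilegedAction. The class name GeronimoSecurity is hypothetical, and it is assumed that ContextManager and Callers live in org.apache.geronimo.security.

```java
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import javax.security.auth.Subject;
import org.apache.geronimo.security.Callers;   // assumed package
import org.apache.geronimo.security.ContextManager;

// Hypothetical helper class; not part of Geronimo.
public final class GeronimoSecurity
{
    private GeronimoSecurity() {}

    /** Runs action with subject as the current caller, like Subject.doAs:
     *  checked exceptions are wrapped, unchecked ones propagate as-is. */
    public static <T> T doAs(Subject subject, PrivilegedExceptionAction<T> action)
        throws PrivilegedActionException
    {
        ContextManager.registerSubject(subject);
        Callers oldCallers = ContextManager.pushNextCaller(subject);
        try
        {
            return action.run();
        }
        catch (RuntimeException e)
        {
            throw e;   // same behaviour as Subject.doAs
        }
        catch (Exception e)
        {
            throw new PrivilegedActionException(e);
        }
        finally
        {
            // Restore the previous caller on every exit path, so a failing
            // action never leaves the (often pooled) thread running as subject.
            ContextManager.popCallers(oldCallers);
        }
    }

    /** Overload for actions that throw no checked exception. */
    public static <T> T doAs(Subject subject, final PrivilegedAction<T> action)
    {
        try
        {
            return doAs(subject, new PrivilegedExceptionAction<T>()
            {
                public T run() { return action.run(); }
            });
        }
        catch (PrivilegedActionException e)
        {
            throw new IllegalStateException("unreachable: run() throws nothing checked", e);
        }
    }
}
```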