I need a pattern for Securing MDBs

M

meaneyedcat

I have an application that calls an MDB. I understand why the MDB can't
have direct access to the EJBContext and access the subject (because
the MDB is invoked annonymously), but I have subsequent sessionbean
calls that are dependent on a subject/principal being there.

Is there a pattern that describes how to work around the specs in a
somewhat friendly manner?

I have no problem sending the username with the initial JMS call that
eventually invokes the MDB, but how would I set the principal?

What is the relationship with Subject.doAs() and J2EE?

thanks for your help!
JC.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top