Monday April 27, 2009

EJBContext.getCallerPrincipal() improvements

The getCallerPrincipal() method has been improved to always return the username used to login.

Now any LoginModule implementation can use the new @CallerPrincipal annotation to flag the Principal object they want to be the one returned from getCallerPrincipal() method. The security service will iterate over the Principal objects in the current Subject and return the first one that is annotated as @CallerPrincipal. If no Principal is found with the @CallerPrincipal annotation, the security service will return the first Principal in the Subject as before. All the OpenEJB supplied LoginModules have been updated to use this new annotation.

If you have implemented your own LoginModule, here's an example of a Principal implementation that uses the new annotation:

import org.apache.openejb.spi.CallerPrincipal;

public class UserPrincipal implements {

    private final String name;

    public UserPrincipal(String name) {
        if (name == null) throw new IllegalArgumentException("name cannot be null"); = name;

    public String getName() {
        return name;

    // don't forget to implement equals() and hashCode()


Way nice! like all the versions you came up with.

Posted by tergdehealthra1978 on July 18, 2019 at 12:47 PM EDT #

Очень круто! *artistic

Posted by flagyl on July 19, 2019 at 02:06 PM EDT #

Post a Comment:
Comments are closed for this entry.



Hot Blogs (today's hits)

Tag Cloud