Red Hat Training

A Red Hat training course is available for JBoss Enterprise Application Platform Common Criteria Certification

5.3. Developer Advice for User Credentials in Remote Method Invocation

In Remote Method Invocation (RMI), credentials are transmitted from client to server. These credentials populate the security context in the method invocation object. This is implemented using the setPrincipal and setCredential methods.

Example 5.1. Setting Principal and Credential

MethodInvocation mi = new MethodInvocation(); 
mi.setPrincipal(new SimplePrincipal("myusername")); 
These additional payloads can be retrieved at the server side using similar methods on the invocation object.

Example 5.2. Retrieving Principal and Credential

Principal p = mi.getPrincipal(); 
Object cred = mi.getCredential();
// Now do authentication (and then authorization)