How can I propagate the subject from remote client to an EJB on JBoss EAP 6?

Solution Verified - Updated -

Issue

We want to know a way to pass Subject from remote client to EJBs without securing (i.e. EJB uses programmatic way for authorization) EJBs/remoting.

The link tells us how we can invoke Secured EJBs (i.e. EJBs are configured to use declarative security either via annotations OR ejb-jar.xml). So I think these are different.

The existing application deployed on weblogic uses "programmatic security approach" and "weblogic.security.Security.RunAs" to propagate "javax.security.auth.Subject" from client side to server side.

Is there any way we can achieve similar behavior in EAP 6? ie pass the subject from client to remote EJB.

In EAP 6, we have tried to use Subject.doAs() but "Subject" never gets propagated to remote ejbs.

Environment

  • Red Hat JBoss Enterprise Application Platform (EAP)
    • 6.x

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content