To extend the function that is provided by the Java Authentication and Authorization Service (JAAS) application programming interfaces (APIs), you can set the RunAs subject or invocation subject with a different valid entry that is used for outbound requests on this running thread.
try
{
javax.security.auth.Subject runas_subject, caller_subject;
runas_subject = com.ibm.websphere.security.auth.WSSubject.getRunAsSubject();
caller_subject = com.ibm.websphere.security.auth.WSSubject.getCallerSubject();
// set a new RunAs subject for the thread, overriding the one declaratively set
com.ibm.websphere.security.auth.WSSubject.setRunAsSubject(caller_subject);
// do some remote calls
// restore back to the previous runAsSubject
com.ibm.websphere.security.auth.WSSubject.setRunAsSubject(runas_subject);
}
catch (WSSecurityException e)
{
// log error
}
catch (Exception e)
{
// log error
}
Related concepts
Programmatic login
Related reference
Supported authentication protocols