WebSphere Application Server Network Deployment, Version 6.0.x   Operating Systems: AIX, HP-UX, Linux, Solaris, Windows
             [TIP: Focusing the table of contents and search results]

Example: Getting the caller subject from the thread

The Caller subject (or "received subject") contains the user authentication information that is used in the call for this request. This subject is returned after issuing the WSSubject.getCallerSubject application programming interface (API) to prevent replacing existing objects. The subject is marked read-only. This API can be used to get access to the WSCredential credential so that you can put or set data in the hashmap within the credential.

Most data within the subject is not propagated downstream to another server. Only the credential token within the WSCredential credential is propagated downstream and a new caller subject is generated.

try
{
javax.security.auth.Subject caller_subject;
com.ibm.websphere.security.cred.WSCredential caller_cred;

caller_subject = com.ibm.websphere.security.auth.WSSubject.getCallerSubject();

if (caller_subject != null)
{
caller_cred = caller_subject.getPublicCredentials
     (com.ibm.websphere.security.cred.WSCredential.class).iterator().next();
String CALLERDATA = (String) caller_cred.get ("MYKEY");
System.out.println("My data from the Caller credential is:  " + CALLERDATA);
}
}
catch (WSSecurityException e)
{
// log error
}
catch (Exception e)
{
// log error
}

Requirement: You need the following Java 2 security permissions to runthis API: permission javax.security.auth.AuthPermission "wssecurity.getCallerSubject;".




Related tasks
Customizing application login with Java Authentication and Authorization Service
Related reference
Customization of a server-side Java Authentication and Authorization Service authentication and login configuration
Reference topic    

Terms of Use | Feedback

Last updated: Mar 8, 2007 8:14:28 PM CST
http://publib.boulder.ibm.com/infocenter/wasinfo/v6r0/index.jsp?topic=/com.ibm.websphere.nd.doc/info/ae/ae/rsec_getcaller.html

© Copyright IBM Corporation 2002, 2006. All Rights Reserved.
This information center is powered by Eclipse technology. (http://www.eclipse.org)