The RunAs subject or invocation subject contains the user authentication information for the RunAs mode set in the application deployment descriptor for this method.
The RunAs subject (or invocation subject) contains the user authentication information for the RunAs mode set in the application deployment descriptor for this method. This subject is marked read-only when returned from the WSSubject.getRunAsSubject application programming interface (API) to prevent replacing existing objects.
Most data within the Subject is not propagated downstream to another server. Only the credential token within the WSCredential credential is propagated downstream and a new Caller subject is generated.
try { javax.security.auth.Subject runas_subject; com.ibm.websphere.security.cred.WSCredential runas_cred; runas_subject = com.ibm.websphere.security.auth.WSSubject.getRunAsSubject(); if (runas_subject != null) { runas_cred = runas_subject.getPublicCredentials com.ibm.websphere.security.cred.WSCredential.class).iterator().next(); String RUNASDATA = (String) runas_cred.get ("MYKEY") System.out.println("My data from the RunAs credential is: " + RUNASDATA ); } } catch (WSSecurityException e) { // log error } catch (Exception e) { // log error }
In this information ... | IBM Redbooks, demos, education, and more(Index) |