1

With Glassfish realms and Context I can use UserPrincipal.getName()and isUserInRole methods to retrieve information about the logged in user.

However, I need to share more data across the EJBs, e.g. information about the user I can get through database or LDAP (such as name, domain, etc...).

I'm not asking about how to retrieve this information, but I've been spending hours to find a good way to pass it across all the EJBs called in the Session/Request. I've read about EJBContext.getContextData(), but it seems that this property isn't propagated, and I can't use the stored values outside of the EJB that stored them. I've also read about implementing my own UserPrincipal, but I don't have a clue about how to do it for Glassfish, and keep using the glassfish default realm configurations.

I don't want to modify my EJBs signature to pass the information, but I can't think of another way of doing it properly.

Do you have any ideas?

mrik974
  • 465
  • 2
  • 7
  • 17

3 Answers3

2

Since you're using Glassfish you can use JASPIC which is the Java EE standard for passing credential data across layers. Writing the JASPIC adapter itself isn't too hard, it is generally a simple layer unless you're implementing OpenID Connect Authentication like I did as you generally will only be using what is provided by JAVA EE7 API and no other support libraries.

Archimedes Trajano
  • 35,625
  • 19
  • 175
  • 265
0

At first glance, and without looking at your code, maybe you can use interceptors, your requirements sounds like AOP (you can inject resources in the interceptors like the SessionContext). So, you catch the method and do some magic before and after executed the method.

If that is not enough, other idea that comes to my mind is using CDI producers, you create a method that produces an Object with the info that you need and at some point you can inject it as a dependency in your EJB's:

e.g : http://java.dzone.com/articles/cdi-di-p1

Sergio
  • 3,317
  • 5
  • 32
  • 51
  • I read this tutorial, and it's second part too, a few days ago. They're well done, and helped me a lot for other stuff. But not in this case. If I use CDI or Interceptors, I will need them to be called at each EJB call. I also need to prevent frequent data fetch from the LDAP/database, and if I use CDI, I will have to inject a Singleton, to have my own data cache layer. Thus, I will have to check the sessions' status, clean the cache when needed, etc... I may be wrong, but it doesn't seem to feet my needs. – mrik974 Feb 20 '14 at 07:37
-1

This isn't really possible. If you're only using local calls, you could use a ThreadLocal, but be sure to remove it when the call completes to avoid leaking memory on pooled threads. If you're using remote, I'm not aware of any solution other solution than modifying the method signature.

Brett Kail
  • 33,593
  • 2
  • 85
  • 90
  • Well, I don't know what to think about it. Is what I'm asking desperately missing from the specs, or is it considered useless/problematic and then missing on purpose? Am I doing things wrong? I mean, should I not need to do this? I'm gonna leave the question open for a moment, in case there's another answer. Thank you. – mrik974 Feb 19 '14 at 16:26
  • @mrik974 I guess you should unaccept this answer and accept that of Archimedes instead. The OP asked for extra data on the Principal and with JASPIC you should indeed be able to do just that. – Mike Braun Dec 15 '14 at 18:06
  • I understand I have to do this to avoid misguiding, and for this time I will, but how can I accept an answer without having tested it? – mrik974 Dec 16 '14 at 07:47