WebSphere Application Server Network Deployment, Version 6.0.x     Operating Systems: AIX, HP-UX, Linux, Solaris, Windows

Example: Getting the RunAs Subject from the Thread

The RunAs subject (or invocation subject) contains the user authentication information for the RunAs mode set in the application deployment descriptor for this method.

The RunAs subject (or invocation subject) contains the user authentication information for the RunAs mode set in the application deployment descriptor for this method. This subject is marked read-only when returned from theWSSubject.getRunAsSubject() application programming interface (API) to prevent replacing existing objects. You can use this API to get access to the WSCredential (documented in the Javadoc information) so that you can put or set data in the hashmap within the credential.
Note: Most data within the Subject is not propagated downstream to another server. Only the credential token within the WSCredential is propagated downstream and a new Caller subject is generated.

try
{
javax.security.auth.Subject runas_subject;
com.ibm.websphere.security.cred.WSCredential runas_cred;

runas_subject = com.ibm.websphere.security.auth.WSSubject.getRunAsSubject();

if (runas_subject != null)
{
runas_cred = runas_subject.getPublicCredentials(
com.ibm.websphere.security.cred.WSCredential.class).iterator().next();
String RUNASDATA = (String) runas_cred.get ("MYKEY");
System.out.println("My data from the RunAs credential is: " + RUNASDATA );
}
}
catch (WSSecurityException e)
{
// log error
}
catch (Exception e)
{
// log error
}

Requirements: You need the following Java 2 Security permissions to run this API: permission javax.security.auth.AuthPermission "wssecurity.getRunAsSubject;".




Related concepts
Programmatic login

Reference topic    

Terms of Use | Feedback

Last updated: Mar 17, 2005 4:28:29 AM CST
http://publib.boulder.ibm.com/infocenter/ws60help/index.jsp?topic=/com.ibm.websphere.nd.doc/info/ae/ae/rsec_getrunas.html

© Copyright IBM Corporation 2002, 2005. All Rights Reserved.
This information center is powered by Eclipse technology. (http://www.eclipse.org)