|
| Yes we did. The Portal CredentialVaultService is accessible in JSR 168, you just need to get at it using JNDI. Here's the code we've been testing against:
private static PortletServiceHome cvsHome;
public void execute(Command next) {
try {
Subject subject;
if( cvsHome == null ) {
Context ctx = new InitialContext();
cvsHome =
(PortletServiceHome)ctx.lookup("portletservice/com.ibm.portal.portlet.service.credentialvault.CredentialVaultService");
}
CredentialVaultService vaultService = (CredentialVaultService)cvsHome. getPortletService(CredentialVaultService
.class);
try {
subject = vaultService.getUserSubject(pPortletRequest);
} catch (CredentialVaultException credentialVaultException) {
credentialVaultException.printStackTrace(System.out);
}
} catch (Exception e) {
e.printStackTrace(System.out);
}
Subject.doAs(currentUser, new PrivilegedExceptionAction(){
public Object run() throws PrivilegedActionException {
next.execute(next);
}
});
}
The trouble we have now is getting that same JAAS Subject propagated to the downstream EJB tier on a remote cluster. It may be just a matter of ensuring the EJB is secured, but we haven't validated it yet.
If you're doing similar work to us it might be beneficial to stay in touch. I'd be interested to know how similar our efforts are.
|
|