|
|
|
J2EE application components have access to standard security APIs that provide user identity and role membership information used for program logic. There are two types of calls—one that returns the identity of the user and another that returns Boolean decisions, based on an input role indicating whether the user has membership in that role.
|
API Call |
Handling Container |
Description |
|---|---|---|
|
getRemoteUser () |
Web |
Returns the login identity of the user making a request if the user has been authenticated, or null if the user has not been authenticated. |
|
getUserPrincipal () |
Web |
Returns a java.security.Principal object containing the name of the current authenticated user. |
|
isUserInRole (String role) |
Web |
Returns a Boolean indicating whether the authenticated user is included in the specified logical role. |
|
getCallerPrincipal () |
EJB |
Returns a java.security.Principal object containing the name of the caller. |
|
isCallerInRole (String role) |
EJB |
Returns a Boolean indicating whether the caller is included in the specified logical role. |
WebSphere always uses its own identity Principal to answer J2EE programmatic security calls (except isUserInRole() and isCallerInRole(), which use the SiteMinder Principal.
Note: The SiteMinder Agent for IBM WebSphere supports only globally-scoped roles; it does not support roles scoped to an application for any J2EE programmatic calls.
| Copyright © 2010 CA. All rights reserved. | Email CA Technologies about this topic |