Access to javax.security.auth.Subject from VaadinUI / CDIUI

Miroslav17 · December 5, 2013, 11:45am

Hello,

In a Vaadin UI, annotated with @CDIUI, I’m trying to access the javax.security.auth.Subject using:

AccessControlContext acc = AccessController.getContext();

if (null == acc) {
    System.err.println("Active AccessControlContext is null :-(");
}

Subject activeSubject = Subject.getSubject(acc);

if (null == activeSubject) {
    System.err.println("Active subject is null :-(");
} else {
    for (Principal p : activeSubject.getPrincipals()) {
        System.err.println("Frontend principal: " + p.getClass().getName() + ": " + p);
    }
}

The problem is, that the active subject is always NULL. I’m trying to access custom principal values sent from our custom Login module.

An injected com.vaadin.cdi.access.AccessControl returns the principal name without problems, but I need an access to other principal objects, as well.

Thanks for any help,
Miro

Petrus1 · December 6, 2013, 12:18pm

Depens on what Principals you need access too. I solved a similar problem to this by writing a custom JAAS LoginModule that store the original Subject i needed in a SessionVariable, from there I got access to the needed Principal. NOTE if you use a Security Manager you might need to configure some permissions for your application…