security jboss ejb jaas

JBoss AS: No valid security context for the caller identity


I need to get the caller's user name in a SLSB using JBoss AS 6. Therefore, I passed it to the InitialContext like this:

Context ctx = new InitialContext();
String userName = System.getProperty("user.name");
ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, userName);

In my SLSB I try to access it using:

@Resource
EJBContext ctx;

// ...

String userName = ctx.getCallerPrincipal().getName();

However, I receive the following error from JBoss:

java.lang.IllegalStateException: No valid security context for the caller identity
    at org.jboss.ejb3.EJBContextImpl.getCallerPrincipal(EJBContextImpl.java:143)

Can someone please give me a hint what in the JAAS universe I have to configure in which JBoss AS file to get it up and running?


Solution

  • The answer to my question is provided in

    As I do not currently need authentication/authorisation, I simply added the following lines at the end of the file conf/login-conf.xml:

      <application-policy name="simple">
        <authentication>
          <login-module code="org.jboss.security.auth.spi.SimpleServerLoginModule" flag="required" />
        </authentication>
      </application-policy>
    

    Beware of the security risk!!! There is no security with my solution using the SimpleServerLoginModule!
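
For deployments that do need authentication, the policy below is a hardened counterpart to the "simple" policy in the answer, built on the stock `UsersRolesLoginModule`. It is an added example, not part of the original post; the policy name `app-domain` and the two properties file names are hypothetical, and it assumes the bean is bound to this policy's security domain and that the client sends a password along with the user name.

```xml
<!-- Added example, not from the original answer.
     "app-domain", app-users.properties and app-roles.properties are
     hypothetical names chosen for illustration. -->
<application-policy name="app-domain">
  <authentication>
    <!-- Checks the supplied password against an entry in the users file,
         unlike the SimpleServerLoginModule policy shown in the answer. -->
    <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
                  flag="required">
      <!-- username=hashed-password entries, loaded from the classpath -->
      <module-option name="usersProperties">app-users.properties</module-option>
      <!-- username=role1,role2 entries, loaded from the classpath -->
      <module-option name="rolesProperties">app-roles.properties</module-option>
      <!-- Store digests in the users file instead of clear-text passwords -->
      <module-option name="hashAlgorithm">SHA-256</module-option>
      <module-option name="hashEncoding">base64</module-option>
      <!-- unauthenticatedIdentity is deliberately not set, so calls that
           carry no credentials are rejected rather than mapped to a
           default principal. -->
    </login-module>
  </authentication>
</application-policy>
```

With a policy like this, `getCallerPrincipal()` returns a name the server has verified rather than whatever value the client chose to put in `Context.SECURITY_PRINCIPAL`.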