更新时间:2023-12-04 18:12:22
This is part of the JSR-115 specification JavaTM Authorization Contract for Containers. See section 4.6.1.1 Container Subject Policy Context Handler:
4.6.1.1 Container Subject Policy Context Handler
All EJB and Servlet containers must register a PolicyContextHandler whose getContext method returns a javax.security.auth.Subject object when invoked with the key "javax.security.auth.Subject.container".
In your application, you can retrieve the object through the following commands:
import javax.security.jacc.PolicyContext;
Subject subject = (Subject) PolicyContext.getContext("javax.security.auth.Subject.container");
Note: the class should be added in get[Private|Public]Credentials()
(with no args). The get[Public|Private]Credentials(Class<T>.class)
generates a copy of the content, "filtering" the classes that are instances of the argument, serving only to retrieve saved classes.
Note: Not tested on JBoss, but I think it applies in the same way, based on JBoss Doc.
References: