This discussion is archived
1 Reply Latest reply: Jan 4, 2013 9:01 AM by jtahlborn RSS

Different AccessControlContexts when executing JMX operations

982095 Newbie
Currently Being Moderated
I have a custom InvocationHandler/MBeanServerForwarder class set on my JMX server so I can grant permissions to specific methods based on the authenticated user.

When an Operation (i.e. a get/set method) is invoked in JConsole, I get the correct Subject via
AccessControlContext acc = AccessController.getContext();
Subject subject = Subject.getSubject(acc);

However, when an Attribute is modified, I get a different AccessControlContext than was previously returned and an empty Subject. So I have no way of knowing who the authenticated user is and if they have permission to access that attribute.

Is there a different/better way of getting the authenticated user inside the InvocationHandler?

Thanks.

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points