Check ltpa token between webseal and websphere 9.0

╄→尐↘猪︶ㄣ 提交于 2019-12-24 23:19:51

问题


Good day! Do you explain for me? I have two servers - webseal and websphere 9.0. On websphere I exported ltpa key and enable security application check. On webseal I imported ltpa key. My code:

        try {
            Subject cs = WSSubject.getCallerSubject();
            logger.info("subject: ", cs);
            logger.info("subjectPrincipal: ", WSSubject.getCallerPrincipal());
            Subject rs = WSSubject.getRunAsSubject();
            logger.info("runSubject: ", rs);
            Set securityCredentials = rs.getPublicCredentials(WSCredential.class);
            WSCredential sc = (WSCredential) securityCredentials.iterator().next();
            logger.info("securityCredential.getSecurityName(): ", sc.getSecurityName());
            return cs != null;
        } catch (Exception e) {
            logger.error("Exception: ", e);
            throw new SecurityException("Can't authorize subject");
        }

In my log:

SecurityService     : subject: 
SecurityService     : subjectPrincipal: 
SecurityService     : runSubject: 
SecurityService     : securityCredential.getSecurityName(): 

What's happened? Why my callerSubject != null, but in my log no more about secure details? Is it correct check of ltpa token?

来源:https://stackoverflow.com/questions/58960099/check-ltpa-token-between-webseal-and-websphere-9-0

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!