JBoss EAP 6.x - PolicyContext.getContext remains null

Question

I'm using JBoss EAP 6.4 for my enterprise app and I'm a little stuck when I attempt to retrieve the active subject.

Of course, the user would need to authenticate, which goes through the following code snippet

LoginContext loginContext = new LoginContext("CONTEXTNAME", callbackHandler);
loginContext.login();
return loginContext.getSubject();

That works just fine (and the subject is filled in), however the problem lies when I try to retrieve the subject at a later point in the execution ...

final Subject subject = (Subject)PolicyContext.getContext("javax.security.auth.Subject.container");

... where subject remains null!

What am I missing??

Any help is much appreciated.

Answer 1

SOLVED!

Thanks to the following article on how to introduce the security manager on JBoss EAP 6.4.

The problem was that the security manager had to be configured in JBoss. You need to open the standalone.conf (or standalone.conf.bat), uncomment and add the following:

rem # Uncomment this to run with a security manager enabled
set "SECMGR=true"

rem # Using == when setting -Djava.security.policy specifies that the security manager 
rem # will use only the specified policy file. Using = specifies that the security 
rem # manager will use the specified policy combined with the policy set in the policy.url 
rem # section of JAVA_HOME/lib/security/java.security.
set "JAVA_OPTS=%JAVA_OPTS% -Djava.security.policy==%JBOSS_HOME%\bin\server.policy"

That would enable the security manager and make it point to a custom server.policy, which I have a sample of below:

grant {
  permission java.security.AllPermission;
};

That would give all permissions to any modules to operate. Of course, you'll need to edit the policy file if you want to tighten up the security.

Retrieving the Subject is also easy:

Subject.getSubject(AccessController.getContext());

That's it! I hope it'll work for you guys as well.