I would like to provide an anonymous access to EJB3 Session Bean. So that independently of other beans (secure they or not) I could access my bean simply with:
InitialContext ctx = new InitialContext(props);
MyBean myBean = (MyBean) ctx.lookup("MyBean");
without any LoginContext and security handlers. Is it possible?
I imagine that should lead to callee principal equals null or equals some specially prepared principal with login/pass/role.
How to provide an anonymous access to EJB3 session bean?
If you want to allow callers to perform anonymous lookups, don't secure your EJB. In this mode, callers do not specify the principal and credentials when creating the InitialContext.
I imagine that should lead to callee principal equals null or equals some specially prepared principal with login/pass/role.
In the case of anonymous callers, you would get a special value (not null).