I m working on an application that uses EJB 3.0 and exposes its methods as web services.
SiteMinder is used to provide authentication. After successful login, the request header will contain the user s login id which can be read by
request.getHeader("sm_user");
This information is available at the WebService end point and can be read in a Servlet Filter also.
But how do I get this information in the EJB layer without explicitly passing it as a parameter? How can I get/set the credentials using a Principal object with the help of an Interceptor?
Please provide your valuable inputs.