If you already have stateless session beans which contain your business logic, the name of the authenticated user is already passed into your EJBs
You could use sessionContext.getCallerPrincipal()
to get the name of the calling user.
Requirements
- The web app uses a
login-config
(defined inweb.xml
) - The JBoss web application uses a
security-domain
(jboss.xml
); other application servers should have a similar pattern to implement login/authentication