Currently have WebSphere with some EJBs and defined custom user registry based on DB.

Question

0

Editorial Team

Asked: May 24, 20262026-05-24T21:31:37+00:00 2026-05-24T21:31:37+00:00

Currently have WebSphere with some EJBs and defined custom user registry based on DB.

0

Currently have WebSphere with some EJBs and defined custom user registry based on DB.

Now I am planning new application on Tomcat, which :

has same users as existing WebSphere
share access to the same DB
has to call EJB from WebSphere as logged user (results of call depend of calling user )
1. Is it possible to call WebSphere EJB from Tomcat with security ?
  Probably yes, but if :

Users in DB have hashed passwords, Tomcat app during user login can hash entered password and determine if valid, but now if I call WebSphere EJB, I assume I should provide password (to InitialContext?), but no one knows it?

Does Anyone have idea how to solve it?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-24T21:31:39+00:00

Editorial Team

2026-05-24T21:31:39+00:00Added an answer on May 24, 2026 at 9:31 pm

Dirt and quick: Store unhashed password in Tomcat session and use it. Remember not to serialize it!

Alternative: Explore what kerberos does. I am not very familiar with it, but its objective seems exactly the same that you are looking for (kerberos centralices authentication and returns ticket that give access to the resources). Sorry I cannot be more specific.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

Currently have WebSphere with some EJBs and defined custom user registry based on DB.

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply