Screencast: Extending JavaEE Authorization With Custom Principal

With a few lines of code you can expose a custom principal and fetch entitlements from whatever store you like. External libraries become obsolete and your WAR stays leaner:

[See also an in-depth discussion in the "Real World Java EE Patterns--Rethinking Best Practices" book (Second Iteration, "Green Book"), page 161 (Sample "Principal Enricher") in, chapter "Re-Injector"]

See also other screencasts at: or subscribe to

See you at Java EE Workshops at MUC Airport, particularly at the Effective JavaEE workshop!


Shouldn't you use Instance<Principal> in your producer?

Posted by RS on September 05, 2013 at 11:03 AM CEST #

Is it OK to CustomRealm to be @Stateless, since the injected Principal is different for every user?

Posted by The Alchemist on August 05, 2015 at 02:16 AM CEST #

Post a Comment:
  • HTML Syntax: NOT allowed
...the last 150 posts
...the last 10 comments