Screencast: Extending JavaEE Authorization With Custom Principal

With a few lines of code you can expose a custom principal and fetch entitlements from whatever store you like. External libraries become obsolete and your WAR stays leaner:

[See also an in-depth discussion in the "Real World Java EE Patterns--Rethinking Best Practices" book (Second Iteration, "Green Book"), page 161 (Sample "Principal Enricher") in, chapter "Re-Injector"]

See also other screencasts at: or subscribe to

See you at Java EE Workshops at MUC Airport, particularly at the Effective JavaEE workshop!

NEW: Online Workhop Effective WebApps without Frameworks is also coming to: MUC Airport.

Airport MUC workshops: Web (SPA, PWAs, Offline, Desktop, Mobile) Applications Essentials and Effective Web Applications. No migrations. #usetheplatform

Podcast: and newsletter:

A book about rethinking Java EE Patterns


Shouldn't you use Instance<Principal> in your producer?

Posted by RS on September 05, 2013 at 11:03 AM CEST #

Is it OK to CustomRealm to be @Stateless, since the injected Principal is different for every user?

Posted by The Alchemist on August 05, 2015 at 02:16 AM CEST #

Post a Comment:
  • HTML Syntax: NOT allowed
Online Workshops
...the last 150 posts
...the last 10 comments