Maintaining authenticated sessions

EAServer provides a mechanism by which applications can extend and maintain the authenticated session beyond the lifetime enforced by EAServer. This mechanism uses the methods CtsSecurity::SessionInfo::setName and CtsSecurity::AuthService::getCallerPrincipal.

If your component uses these methods, you must also handle authorization of the user yourself, by implementing either a role service or an authorization service. The internal role checking performed by EAServer will not work unless the alternate user name is added to the list of authorized users for the role. Because the alternate user name set with the setName API can be dynamic, the role service or authorization service should work in tandem with the authentication service to authorize the user.

CtsSecurity::SessionInfo::setName is a method that can be called only when your custom authentication component is running. When this method is called from the custom authentication component, the server sets the reference to the authenticated security credentials. When the client needs to be authenticated again, the custom authentication component returns the original principal name by calling CtsSecurity::AuthService::getCallerPrincipal(string alternate_name).
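The following Python model is an added illustration, not EAServer's code or API: it shows why a role check has to resolve the alternate name back to the original principal, as the text requires. The AuthService class, its set_name and get_caller_principal methods, the ROLE_MEMBERS table and the session names are assumed stand-ins for the CtsSecurity IDL interfaces named above.

```python
# Added example (not EAServer code): a model of the alternate-name session
# mechanism described above. The class, method and role names are assumed.
from dataclasses import dataclass, field
from typing import Dict, Optional


@dataclass
class AuthService:
    """Stands in for the server-side credential reference that
    CtsSecurity::SessionInfo::setName establishes (assumed model)."""
    alternates: Dict[str, str] = field(default_factory=dict)

    def set_name(self, alternate_name: str, principal: str) -> None:
        """Models setName: the custom authentication component binds a
        (possibly dynamic) alternate name to the authenticated principal."""
        self.alternates[alternate_name] = principal

    def get_caller_principal(self, alternate_name: str) -> Optional[str]:
        """Models getCallerPrincipal(alternate_name): recovers the original
        principal when the client must be authenticated again."""
        return self.alternates.get(alternate_name)


# Constructed role table keyed by original principal names.
ROLE_MEMBERS = {"Manager": {"alice"}, "Clerk": {"alice", "bob"}}


def internal_role_check(name: str, role: str) -> bool:
    """EAServer's internal check as the text describes it: it matches the
    literal name, so an alternate name fails unless added to the role."""
    return name in ROLE_MEMBERS.get(role, set())


def role_service_check(auth: AuthService, name: str, role: str) -> bool:
    """Custom role service working in tandem with the authentication service:
    resolve the alternate name first; an unbound name is denied outright."""
    principal = auth.get_caller_principal(name)
    return principal is not None and internal_role_check(principal, role)


def demo() -> Dict[str, bool]:
    auth = AuthService()
    auth.set_name("sess-7f3a", "alice")  # dynamic alternate name for alice
    return {
        "internal_rejects_alternate": not internal_role_check("sess-7f3a", "Manager"),
        "role_service_accepts_alternate": role_service_check(auth, "sess-7f3a", "Manager"),
        "role_service_denies_unbound": not role_service_check(auth, "sess-0000", "Manager"),
        "role_service_keeps_membership": not role_service_check(auth, "sess-7f3a", "Auditor"),
    }
```

In this model every authenticated session is given an alternate name by the authentication component, so a name the AuthService does not know is treated as unauthenticated rather than matched literally.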

The CtsSecurity::SessionInfo::setName method has no effect if clients obtain component instances using CSIv2. If you are using CSIv2, you must use a JAAS module in addition to an authentication or other component. See Chapter 11, “Using the JAAS API” for more information.

For more information, see the documentation for the CtsSecurity::AuthService and CtsSecurity::SessionInfo IDL interfaces.