hello Andy,
thanx a lot!!!
regards
marco
On 6/20/05, Andy Depue <[EMAIL PROTECTED]> wrote:
> As I originally mentioned, in one particular case we created a special user
> just for our background task (because it made sense in this particular
> context). So, assuming you have already created a user in your system for
> the background task, I can share the code we use to "log in" as a user.
> Note, that this code works with Acegi v. 0.8.2, and I'm not sure if it has
> changed for later versions.
> First, you are going to need an AuthenticationManager, which is usually setup
> in your Spring configuration. In our security facade, we keep a reference to
> the AuthenticationManager:
>
> -----
>
> ...
>
> private AuthenticationManager authenticationManager;
>
> ...
>
> public AuthenticationManager getAuthenticationManager()
> {
> return this.authenticationManager;
> }
>
> public void setAuthenticationManager(final AuthenticationManager
> authenticationManager)
> {
> this.authenticationManager = authenticationManager;
> }
>
> -----
>
> We then use Spring to inject a reference of the AuthenticationManager into our
> security facade bean.
>
> We then have an "authenticateUser" method that goes something like this:
>
>
> -----
> public void authenticateUser(final String principal,
> final String credentials)
> {
> final UsernamePasswordAuthenticationToken request = new
> UsernamePasswordAuthenticationToken(principal, credentials);
> final Authentication result =
> getAuthenticationManager().authenticate(request);
>
> // Setup a secure ContextHolder (if required)
> if(ContextHolder.getContext() == null || !(ContextHolder.getContext()
> instanceof SecureContext)) {
> try {
> ContextHolder.setContext(new SecureContextImpl());
> } catch(Exception e) {
> throw new RuntimeException(e);
> }
> }
>
> // Commit the successful Authentication object to the secure
> // ContextHolder
> final SecureContext sc = (SecureContext) ContextHolder.getContext();
> sc.setAuthentication(result);
> ContextHolder.setContext(sc);
> }
> -----
>
>
> We then have a matching "unauthenticateUser()" method:
>
> -----
> public void unauthenticateUser()
> {
> // Make the Authentication object null if a SecureContext exists
> if(ContextHolder.getContext() != null && ContextHolder.getContext()
> instanceof SecureContext) {
> SecureContext sc = (SecureContext) ContextHolder.getContext();
> sc.setAuthentication(null);
> ContextHolder.setContext(sc);
> }
> }
> -----
>
>
> Note that we wrote this code way back when Acegi will still young, so it might
> be the case that Acegi now has utility methods somewhere that do this for
> you. I haven't looked recently, so maybe someone can comment.
> We also wrote some support interfaces to allow subsystems to authenticate
> themselves in a safer manner, but it is a lot of code. So, for now, I will
> show you what it all basically boils down to. In your background process,
> you would do something like this:
>
> -----
> securityFacade.authenticateUser(subsystemUserName, subsystemCredentials);
> try {
> // Background process code goes here
> ...
> } finally {
> securityFacade.unauthenticateUser();
> }
> -----
>
> - Andy
>
> On Monday 20 June 2005 09:26 am, Marco Mistroni wrote:
> > Hello,
> > few time ago Mr Andy Depue reply tomy message on how to use
> > acegi in a situation where the user does not log in, (for example in
> > the case in which a background process - cron like - periodically
> > executes.
> > In this situation, how will i create a contextHoldert to associate it
> > with the call?
> > how will i create a 'default user' (from javacode) so that i can
> > safely call my code and being authorized by acegi?
> >
> > any help?
> >
> > thanx in advance and regards
> > marco
>
>
> -------------------------------------------------------
> SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
> from IBM. Find simple to follow Roadmaps, straightforward articles,
> informative Webcasts and more! Get everything you need to get up to
> speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click
> _______________________________________________
> Home: http://acegisecurity.sourceforge.net
> Acegisecurity-developer mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
>
-------------------------------------------------------
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_idt77&alloc_id�492&op=click
_______________________________________________
Home: http://acegisecurity.sourceforge.net
Acegisecurity-developer mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
