doh! bloody heck, found it. Use FlexContext.getHttpRequest().isUserInRole() NOT FlexContext.getFlexSession().isUserInRole('foo')
I swear my previous installs of Eclipse and FB SDK didn't have FlexContext.getHttpRequest(), I don't recall seeing it in the context help....errrrrrr. Must have been bad bits in me coffee. DK On 1/20/07, Douglas Knudsen <[EMAIL PROTECTED]> wrote:
interesting, have not heard this before. Is Tomcat such a container? If so, why is it finding the UserPrincipal, but not the roles? I'm going to put together a 'Hello World' sample testing this. DK On 1/20/07, esaltelli <[EMAIL PROTECTED]> wrote: > > Several web containers require more than just the session id. When > using basic authentication, user name and password must be sent on > each and every request. Can you verify that the headers include > authorization credentials? > > --- In flexcoders@yahoogroups.com, "Douglas Knudsen" > <[EMAIL PROTECTED]> wrote: > > > > Carson, yes, I verified this is being sent in the headers for calls > made to > > the messagebroker. > > > > What I have found: If I remove the security node from within the > > destination node in my remoting-config.xml file, I can get > > FlexContext.getFlexSession ().getUserPrincipal().getName() > > But I can not access any roles the user is in via > > FlexContext.getFlexSession().isUserInRole("reader") > > > > If I add the security node back within the destination node in my > > remoting-config.xml file, I get nothgin but a 'server.processing' > error. > > Below is the security node. Note, I have confirmed these roles are > in use > > via a JSP. > > > > So, must be a config mishap somewhere, eh? > > > > <security> > > <security-constraint> > > <auth-method>Custom</auth-method> > > <roles> > > <role>editor</role> > > <role>reader</role> > > </roles> > > </security-constraint> > > </security> > > > > On 1/5/07, Carson Hager < [EMAIL PROTECTED]> wrote: > > > > > > I would take a look at the http request contents to make sure > that the > > > same jsessionid is being passed for your remoteobject calls and > other http > > > calls from your browser such as JSPs, Servlets, etc. You can do > this with > > > any number of tools/browser plugins. This is the best way to make > sure that > > > the communication is working as it should before digging any > further. > > > > > > > > > Carson > > > > > > ____________________________________________ > > > > > > Carson Hager > > > Cynergy Systems, Inc. > > > http://www.cynergysystems.com > > > > > > Email: [EMAIL PROTECTED] > > > Office: 866-CYNERGY > > > Mobile: 1.703.489.6466 > > > > > > > > > ------------------------------ > > > *From:* flexcoders@yahoogroups.com > [mailto:[EMAIL PROTECTED] *On > > > Behalf Of *Douglas Knudsen > > > *Sent:* Friday, January 05, 2007 5:57 AM > > > *To:* flexcoders@yahoogroups.com > > > *Subject:* Re: [flexcoders] flex and j2ee session > > > > > > nope same context. I can drop a jsp page in and retrieve the > > > userprincipal object too. > > > > > > DK > > > > > > On 1/4/07, Dimitrios Gianninas < dimitrios.gianninas @...> > > > wrote: > > > > > > > > > > > > When the user logs in, is it under a diff context than where the > flex > > > > apps resides? > > > > > > > > Dimitrios Gianninas > > > > Optimal Payments Inc. > > > > > > > > > > > > > > > > -----Original Message----- > > > > From: flexcoders@yahoogroups.com on behalf of Douglas Knudsen > > > > Sent: Thu 1/4/2007 5:45 PM > > > > To: flexcoders@yahoogroups.com > > > > Subject: [flexcoders] flex and j2ee session > > > > > > > > ok, a oft beat about topic I know. Porting a Flex 1.5 app over > to 2.0. > > > > Using Tomcat. Under 1.5 I got the session in a remoteobject > POJO like > > > > this > > > > > > > > flashgateway.Gateway.getHttpRequest > ().getUserPrincipal().getName(); > > > > > > > > For the new Flex 2 version I'm using > > > > > > > > FlexContext.getFlexSession ().getUserPrincipal().getName(); > > > > > > > > but this is bombing out. I'm using container based security > with BASIC > > > > auth for development. I'm not trying to log a user in with a > Flex UI, > > > > user > > > > is already logged in before the Flex UI comes up. > > > > > > > > Something I'm missing somewhere? > > > > > > > > > > > > -- > > > > Douglas Knudsen > > > > http://www.cubicleman.com > > > > this is my signature, like it? > > > > > > > > -- > > > > WARNING > > > > ------- > > > > This electronic message and its attachments may contain > confidential, > > > > proprietary or legally privileged information, which is solely > for the use > > > > of the intended recipient. No privilege or other rights are > waived by any > > > > unintended transmission or unauthorized retransmission of this > message. If > > > > you are not the intended recipient of this message, or if you > have received > > > > it in error, you should immediately stop reading this message > and delete it > > > > and all attachments from your system. The reading, > distribution, copying or > > > > other use of this message or its attachments by unintended > recipients is > > > > unauthorized and may be unlawful. If you have received this > e-mail in > > > > error, please notify the sender. > > > > > > > > AVIS IMPORTANT > > > > -------------- > > > > Ce message électronique et ses pièces jointes peuvent contenir des > > > > > renseignements confidentiels, exclusifs ou légalement > privilégiés destinés > > > > au seul usage du destinataire visé. L'expéditeur original ne > renonce à > > > > aucun privilège ou à aucun autre droit si le présent message a > été transmis > > > > involontairement ou s'il est retransmis sans son autorisation. > Si vous > > > > n'êtes pas le destinataire visé du présent message ou si vous > l'avez reçu > > > > par erreur, veuillez cesser immédiatement de le lire et le > supprimer, ainsi > > > > que toutes ses pièces jointes, de votre système. La lecture, la > > > > distribution, la copie ou tout autre usage du présent message ou > de ses > > > > pièces jointes par des personnes autres que le destinataire visé > ne sont pas > > > > autorisés et pourraient être illégaux. Si vous avez reçu ce > courrier > > > > électronique par erreur, veuillez en aviser l'expéditeur. > > > > > > > > > > > > > > > > -- > > > > Flexcoders Mailing List > > > > FAQ: > http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt > > > > Search Archives: > > > > http://www.mail-archive.com/flexcoders%40yahoogroups.com > > > > Yahoo! Groups Links > > > > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > Douglas Knudsen > > > http://www.cubicleman.com > > > this is my signature, like it? > > > > > > > > > > > > > > > > > -- > > Douglas Knudsen > > http://www.cubicleman.com > > this is my signature, like it? > > > > > > > -- > Flexcoders Mailing List > FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt > Search Archives: > http://www.mail-archive.com/flexcoders%40yahoogroups.com > Yahoo! Groups Links > > > > -- Douglas Knudsen http://www.cubicleman.com this is my signature, like it?
-- Douglas Knudsen http://www.cubicleman.com this is my signature, like it?