Hi,
To check if your code is running as a task, you can use the specific
http headers added by GAE: QueueName, TaskName, RetryCount. See
http://code.google.com/appengine/docs/java/taskqueue/overview.html#Task_Request_Headers
If additionally. you made the right security restrictions, you are
pretty safe to assume that you are Admin in a task if those headers
are here.
For the security constraint, see
http://code.google.com/appengine/docs/java/taskqueue/overview.html#Securing_URLs_for_Tasks
It's exactly the same idea for cron jobs: see
http://code.google.com/appengine/docs/java/config/cron.html#Securing_URLs_for_Cron.
So, not a direct answer to your question but a way to reach your goal.
Hope it helps
didier
On Dec 4, 2:38 pm, andrew aute...@gmail.com wrote:
I am trying to debug some issues with task execution and have a
question.
Background
==
Documentation states that tasks (cron and task queue) are executed by
a system process with admin priviledges.
To protect task execution from unauthorized execution I originally
protected them with a security constraint in the web.xml file. That
seemed to work OK.
Now, for other reasons, I'd like to protect them with code of my own
in a filter.
I have been trying to confirm admin priviledges in the filter, using
code like this:
public boolean isAdmin() {
UserService user = UserServiceFactory.getUserService();
if ( user.isUserLoggedIn() ) {
return user.isUserAdmin();
}
else {
return false;
}
}
and I also tried directly:
return user.isUserAdmin();
without checking for login first.
Problem
===
In both cases this seems to return false, even when when the request
comes from the system to run a task-queue task.
Despite the statement that these requests are run as admin.
Question:
===
Can I use the UserService to check admin permissions when the code is
being run in a request started by the system to serve a cron or task-
queue task?
thanks!
--
You received this message because you are subscribed to the Google Groups
Google App Engine for Java group.
To post to this group, send email to google-appengine-j...@googlegroups.com.
To unsubscribe from this group, send email to
google-appengine-java+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/google-appengine-java?hl=en.