Re: [flexcoders] flex and j2ee session

Fri, 05 Jan 2007 14:28:18 -0800 

Carson, yes, I verified this is being sent in the headers for calls made to
the messagebroker.

What I have found:  If I remove the security node from within the
destination node in my remoting-config.xml file, I can get
FlexContext.getFlexSession().getUserPrincipal().getName()
But I can not access any roles the user is in via
FlexContext.getFlexSession().isUserInRole("reader")

If I add the security node back within the destination node in my
remoting-config.xml file, I get nothgin but a 'server.processing' error.
Below is the security node.  Note, I have confirmed these roles are in use
via a JSP.

So, must be a config mishap somewhere, eh?

<security>
           <security-constraint>
               <auth-method>Custom</auth-method>
               <roles>
                   <role>editor</role>
                   <role>reader</role>
               </roles>
           </security-constraint>
       </security>

On 1/5/07, Carson Hager <[EMAIL PROTECTED]> wrote:


 I would take a look at the http request contents to make sure that the
same jsessionid is being passed for your remoteobject calls and other http
calls from your browser such as JSPs, Servlets, etc. You can do this with
any number of tools/browser plugins. This is the best way to make sure that
the communication is working as it should before digging any further.


Carson

____________________________________________

Carson Hager
Cynergy Systems, Inc.
http://www.cynergysystems.com

Email:  [EMAIL PROTECTED]
Office:  866-CYNERGY
Mobile: 1.703.489.6466


 ------------------------------
*From:* [email protected] [mailto:[EMAIL PROTECTED] *On
Behalf Of *Douglas Knudsen
*Sent:* Friday, January 05, 2007 5:57 AM
*To:* [email protected]
*Subject:* Re: [flexcoders] flex and j2ee session

 nope same context.  I can drop a jsp page in and retrieve the
userprincipal object too.

DK

On 1/4/07, Dimitrios Gianninas < [EMAIL PROTECTED]>
wrote:
>
>
> When the user logs in, is it under a diff context than where the flex
> apps resides?
>
> Dimitrios Gianninas
> Optimal Payments Inc.
>
>
>
> -----Original Message-----
> From: [email protected] on behalf of Douglas Knudsen
> Sent: Thu 1/4/2007 5:45 PM
> To: [email protected]
> Subject: [flexcoders] flex and j2ee session
>
> ok, a oft beat about topic I know.  Porting a Flex 1.5 app over to 2.0.
> Using Tomcat.  Under 1.5 I got the session in a remoteobject POJO like
> this
>
> flashgateway.Gateway.getHttpRequest().getUserPrincipal().getName();
>
> For the new Flex 2 version I'm using
>
> FlexContext.getFlexSession().getUserPrincipal().getName();
>
> but this is bombing out.   I'm using container based security with BASIC
> auth for development.  I'm not trying to log a user in with a Flex UI,
> user
> is already logged in before the Flex UI comes up.
>
> Something I'm missing somewhere?
>
>
> --
> Douglas Knudsen
> http://www.cubicleman.com
> this is my signature, like it?
>
> --
> WARNING
> -------
> This electronic message and its attachments may contain confidential,
> proprietary or legally privileged information, which is solely for the use
> of the intended recipient.  No privilege or other rights are waived by any
> unintended transmission or unauthorized retransmission of this message.  If
> you are not the intended recipient of this message, or if you have received
> it in error, you should immediately stop reading this message and delete it
> and all attachments from your system.  The reading, distribution, copying or
> other use of this message or its attachments by unintended recipients is
> unauthorized and may be unlawful.  If you have received this e-mail in
> error, please notify the sender.
>
> AVIS IMPORTANT
> --------------
> Ce message électronique et ses pièces jointes peuvent contenir des
> renseignements confidentiels, exclusifs ou légalement privilégiés destinés
> au seul usage du destinataire visé.  L'expéditeur original ne renonce à
> aucun privilège ou à aucun autre droit si le présent message a été transmis
> involontairement ou s'il est retransmis sans son autorisation.  Si vous
> n'êtes pas le destinataire visé du présent message ou si vous l'avez reçu
> par erreur, veuillez cesser immédiatement de le lire et le supprimer, ainsi
> que toutes ses pièces jointes, de votre système.  La lecture, la
> distribution, la copie ou tout autre usage du présent message ou de ses
> pièces jointes par des personnes autres que le destinataire visé ne sont pas
> autorisés et pourraient être illégaux.  Si vous avez reçu ce courrier
> électronique par erreur, veuillez en aviser l'expéditeur.
>
>
>
> --
> Flexcoders Mailing List
> FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt
> Search Archives:
> http://www.mail-archive.com/flexcoders%40yahoogroups.com
> Yahoo! Groups Links
>
>
>
>
>


--
Douglas Knudsen
http://www.cubicleman.com
this is my signature, like it?







--
Douglas Knudsen
http://www.cubicleman.com
this is my signature, like it?

Reply via email to