Hi, To check if your code is running as a task, you can use the specific http headers added by GAE: QueueName, TaskName, RetryCount. See http://code.google.com/appengine/docs/java/taskqueue/overview.html#Task_Request_Headers
If additionally. you made the right security restrictions, you are pretty safe to assume that you are Admin in a task if those headers are here. For the security constraint, see http://code.google.com/appengine/docs/java/taskqueue/overview.html#Securing_URLs_for_Tasks It's exactly the same idea for cron jobs: see http://code.google.com/appengine/docs/java/config/cron.html#Securing_URLs_for_Cron. So, not a direct answer to your question but a way to reach your goal. Hope it helps didier On Dec 4, 2:38 pm, andrew <[email protected]> wrote: > I am trying to debug some issues with task execution and have a > question. > > Background > ========== > Documentation states that tasks (cron and task queue) are executed by > a system process with admin priviledges. > > To protect task execution from unauthorized execution I originally > protected them with a security constraint in the web.xml file. That > seemed to work OK. > > Now, for other reasons, I'd like to protect them with code of my own > in a filter. > > I have been trying to confirm admin priviledges in the filter, using > code like this: > > public boolean isAdmin() { > UserService user = UserServiceFactory.getUserService(); > > if ( user.isUserLoggedIn() ) { > return user.isUserAdmin(); > } > else { > return false; > } > } > > and I also tried directly: > return user.isUserAdmin(); > > without checking for login first. > > Problem > ======= > In both cases this seems to return false, even when when the request > comes from the system to run a task-queue task. > Despite the statement that these requests are run as admin. > > Question: > ======= > Can I use the UserService to check admin permissions when the code is > being run in a request started by the system to serve a cron or task- > queue task? > > thanks! -- You received this message because you are subscribed to the Google Groups "Google App Engine for Java" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-appengine-java?hl=en.
