final PageManager myFinalPageManager = myPageManager;
final String myFinalFolderPath = myfolderPath;
Exception e = (Exception) Subject.doAsPrivileged(mySubject, new
PrivilegedAction()
{
public Object run()
{
try
{
Folder f = myFinalPageManager.getFolder(myFinalFolderPath);
f.setTitle("Did Something To My Folder From A Servlet!");
myFinalPageManager.updateFolder(f);
return null;
}
catch (Exception e)
{
return e;
}
}
}, null);
if(e != null)
{
log("EXCEPTION", e);
}
On Wed, 2006-03-22 at 11:04 -0500, Sie, Yang wrote:
> Hi Dave and Randy,
>
> I didn't mean to be picky ;-). I also finally found that line in
> AbstractSecurityValve.
>
> First of all, I do want to use in my security Subject. According to the
> Subject API, we have two doAsPrivileged(subject,action,controlcontext)
> methods. Both take three parameters and return an Object type.
>
> * First parameter: subject. I have it.
> * Second parameter: action. I am not sure what to put in as my
> "privileged action". Your sample was to invoke another valve. My target
> was to make pageManager.updateFolder work. how can I plug this in? since
> the implementation of 'new PrivilegedAction()' requires a 'final'
> variable.
> * third parameter: accessControlContext. AccessController.getContext()
> may do, but I am not sure. But is this accessControlerContext going to
> be interpreted the same by the AbstractBaseElemet.java (Subject subject
> = Subject.getSubject(AccessController.getContext());)?
> * the return Object: what should I have it there?
>
> In the end, my problem is solved if my Subject is recognized by
> AbstractBaseElemet.java.
>
> Thank you,
>
> ---Yang
>
>
> -----Original Message-----
> From: David Sean Taylor [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, March 21, 2006 10:24 PM
> To: Jetspeed Users List
> Subject: Re: Use PageManager from a servlet
>
> Hi Yang,
>
> Jeez, are you giving Randy a hard time for a few typos or what? ;)
>
> The class is
>
> org.apache.jetspeed.security.impl.AbstractSecurityValve.java
>
> from svn head, line 112:
>
> PipelineException pe =
> (PipelineException)
> Subject.doAsPrivileged(subject, new PrivilegedAction()
>
> Not sure how you are assembling your Page Manager.
> Take a look at the importer's assembly under
> etc/import-page-manager.xml:
>
> <!-- permissions security enabled flag, default=false -->
> <constructor-arg
> index="4"><value>false</value></constructor-arg>
> <!-- constraints security enabled flag, default=true -->
> <constructor-arg
> index="5"><value>false</value></constructor-arg>
>
> It turns off all security checks.
> Not sure if that is what you want or need...but it may be another
> option, but beware you are running completly unsecured this way, so its
> probably better to run under the Subject's privileged action as Randy
> recommended
>
>
> Sie, Yang wrote:
> > Hello Randy:
> >
> > Thank you for your response. I searched my code and could NOT find
> what
> > you mentioned. There is no AbstractSecurityValveImpl class. I also
> > looked into both AbstractSecurityValve and SecurityValveImpl classes.
> > There was no doPrivilegedAs(). I even could not find the string
> > doPrivilegedAs anywhere. Please advise more detail in this. (Do I need
> > the latest code base?)
> >
> > I can get the subject from the servlet but how to pass it along to be
> > used by AbstractBaseElement class is what I am looking for.
> >
> > Thank you again!
> >
> > ---Yang
> >
> >
> > -----Original Message-----
> > From: Randy Watler [mailto:[EMAIL PROTECTED]
> > Sent: Tuesday, March 21, 2006 8:37 PM
> > To: Jetspeed Users List
> > Subject: Re: Use PageManager from a servlet
> >
> > To use the PageManager component from a servlet, one needs to setup
> the
> > subject manually. You need to access the Subject from the session and
> > use it in a doPrivilegedAs() context as in done in the
> > AbstractSecurityValveImpl.
> >
> > HTH,
> >
> > Randy
> >
> > On Tue, 2006-03-21 at 13:18 -0500, Sie, Yang wrote:
> >
> >>Hello all:
> >>
> >>I am trying to use the page Manager from a servlet to create a folder.
> >
> >
> >>I am hitting an error saying that Subject is missing (
> >>AbstractBaseElement.checkConstraints(): Missing Subject. ).
> >>The error happened when calling pageManager.updateFolder()
> >>It seemed that my auth Subject object didn't get recognized by the
> >>AccessController.getContext() (ref: Subject subject =
> >>Subject.getSubject(AccessController.getContext()); of
> >>org.apache.jetspeed.om.page.psml.AbstractBaseElement.java)
> >>
> >>JS2 ver. 2.1 Dev.
> >>
> >>Please advise. Thank you.
> >>
> >>---Yang
> >>
> >>
> >>---------------------------------------------------------------------
> >>To unsubscribe, e-mail: [EMAIL PROTECTED]
> >>For additional commands, e-mail: [EMAIL PROTECTED]
> >>
> >>
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> >
> >
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
