Pavel, Even without an AuthenticationService, I think that there is a hook in the SPI that you can use to do this. If you extend org.apache.pluto.core.DefaultPortletEnvironmentService, you can control the implementations of ActionRequest and RenderRequest that are utilized. Thus, you could extend ActionRequestImpl and RenderRequestImpl to provide your own version of getRemoteUser() as needed.
-- Ben On Fri, 2007-07-20 at 09:32 -0600, Pavel wrote: > Hi, > > I'm implementing my own authentication in my portal and I'd like it to > propagate to portlets. AFAIU request.getRemoteUser() is the only > JSR-168ish way... Is there any way to control it? I don't see anything > in the Pluto SPI, and the implementation of the PortletRequest just gets > the RemoteUser straight from HttpServletRequest. But according to > PLT.11.1.6 of JSR-168 spec I should be able to implement my own AuthType. > > Are there any plans for an optional AuthenticationService? > > Thanks, > > Pavel >
