I am trying to debug some issues with task execution and have a question. Background ========== Documentation states that tasks (cron and task queue) are executed by a system process with admin priviledges.
To protect task execution from unauthorized execution I originally protected them with a security constraint in the web.xml file. That seemed to work OK. Now, for other reasons, I'd like to protect them with code of my own in a filter. I have been trying to confirm admin priviledges in the filter, using code like this: public boolean isAdmin() { UserService user = UserServiceFactory.getUserService(); if ( user.isUserLoggedIn() ) { return user.isUserAdmin(); } else { return false; } } and I also tried directly: return user.isUserAdmin(); without checking for login first. Problem ======= In both cases this seems to return false, even when when the request comes from the system to run a task-queue task. Despite the statement that these requests are run as admin. Question: ======= Can I use the UserService to check admin permissions when the code is being run in a request started by the system to serve a cron or task- queue task? thanks! -- You received this message because you are subscribed to the Google Groups "Google App Engine for Java" group. To post to this group, send email to google-appengine-j...@googlegroups.com. To unsubscribe from this group, send email to google-appengine-java+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-appengine-java?hl=en.