Re: How to retrieve an user Principal?
2006/3/16, Mladen Turk [EMAIL PROTECTED]: Yes. Servlet spec 2.4 Thank you very much. Persons like you make me loosing faith in the Open Source. I think I'll call the guys at IBM... -- TREMALNAIK - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to retrieve an user Principal?
Tremal Naik wrote: 2006/3/16, Mladen Turk [EMAIL PROTECTED]: Yes. Servlet spec 2.4 Thank you very much. Persons like you make me loosing faith in the Open Source. I think I'll call the guys at IBM... Go and troll somewhere else. I told you that JBoss uses thread local storage. 1. Request comes in. 2. According to the Servlet spec the request is parsed and user determined. 3. It is added to the thread local. 4. getPrincipal() ... return (Principal) threadPrincipal.get(); So it does all that for you. Without J2EE container, you'll need to use the the Servlet spec. -- Mladen. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to retrieve an user Principal?
2006/3/17, Mladen Turk [EMAIL PROTECTED]: Go and troll somewhere else. sorry, I thought you where pissing on me. I didn't understand your real intentions. I will manage the request to get what I'm looking for. Thanks, -- TREMALNAIK - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: How to retrieve an user Principal?
From: Tremal Naik [mailto:[EMAIL PROTECTED] Subject: How to retrieve an user Principal? how can i retrieve an user principal? I don't want to get it from the request, but directly from the underlying security framework. ??? That doesn't make any sense to me. There may be may users connected to Tomcat at any given time; if you don't get the one corresponding to a specific request (or associated session), what do you think you're getting? - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to retrieve an user Principal?
Tremal Naik wrote: Hello, how can i retrieve an user principal? I don't want to get it from the request, but directly from the underlying security framework. My application, when developed in Jboss, uses an instruction like the following: org.jboss.security.SecurityAssociation.getPrincipal(); Is there something similar in Tomcat? May you please point me to the correct resource (documentation, web page)? JBoss getPrincipal() figures that from the request, so where the problem? Regards, Mladen. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to retrieve an user Principal?
2006/3/16, Caldarale, Charles R [EMAIL PROTECTED]: ??? That doesn't make any sense to me. There may be may users connected to Tomcat at any given time; if you don't get the one corresponding to a specific request (or associated session), what do you think you're getting? well, I don't know how it works, but it works! In Jboss I mean. The method I was talking about is as follows: public static Principal getPrincipal() { SecurityManager sm = System.getSecurityManager(); if (sm != null) sm.checkPermission(getPrincipalInfoPermission); if (peekRunAsIdentity() != null) return peekRunAsIdentity(); if (server) return (Principal) threadPrincipal.get(); else return principal; } No (visible) reference to the session of the user, but if invoked it returns the correct user principal. It's useful in all those situations you don't have the session, like helper classes, and you don't want an additional argument to your method (like a String session ID). It allows writing simpler and cleaner code. -- TREMALNAIK - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to retrieve an user Principal?
2006/3/16, Mladen Turk [EMAIL PROTECTED]: JBoss getPrincipal() figures that from the request, Maybe, but it doesn't require I pass the request as an argument, ir returns the principal from whenever I call it in the code, simply, even in those classes which doesn't have a request variabile. It allows me writing security helpers, for instance, which can be used from within pluggable JAAS Login Modules, where the request is not available at all. So my question follows: is there anything similar in Tomcat? cheers -- TREMALNAIK - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]