I'm not the security expert in our group, but I can describe how we
access the principal: We wrote a SecurtiyStore which implements
connect like this:
public synchronized void connect(CredentialsToken credentialsToken)
throws ServiceConnectionFailedException
{
Store store;
if (isConnected()) {
// Slide issues multiple connect call for the same store in
the same
// thread. We process only the first
return;
}
if (credentialsToken != null) {
principal = credentialsToken.getPrincipal();
} else {
// no suitable credentials to connect -- do nothing
}
[store principal "ThreadLocal"]
}
Principal has to be stored "ThreadLocal" because there are different
credentialsTokens for different requests ...
Michael
On Sat, 2003-12-20 at 16:57, Mike Oliver wrote:
> Gents,
>
> I could use a hand, I cannot find a way to get at the servlet context
> or
> session object to get user information from my custom store I am
> extending the AbstractTxFileStoreService.
>
> I have already looked at all (or at least I think I have) the
> properties
> and methods of all the complex objects passed to all the methods and I
> cannot see any sort of method or reference to get at this info....but
> it
> is illogical to me that the Store doesn't know who the user is, so I
> know I am missing something.
>
> Please point me in the right direction!
>
> Ollie
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
