Ollie
Michael Hartmeier wrote:
I'm not the security expert in our group, but I can describe how we access the principal: We wrote a SecurtiyStore which implements connect like this:
public synchronized void connect(CredentialsToken credentialsToken)
throws ServiceConnectionFailedException {
Store store;
if (isConnected()) {
// Slide issues multiple connect call for the same store in
the same
// thread. We process only the first
return;
}
if (credentialsToken != null) {
principal = credentialsToken.getPrincipal();
} else {
// no suitable credentials to connect -- do nothing
}
[store principal "ThreadLocal"] }
Principal has to be stored "ThreadLocal" because there are different credentialsTokens for different requests ...
Michael
On Sat, 2003-12-20 at 16:57, Mike Oliver wrote:
Gents,
I could use a hand, I cannot find a way to get at the servlet context
or session object to get user information from my custom store I am extending the AbstractTxFileStoreService.
I have already looked at all (or at least I think I have) the
properties and methods of all the complex objects passed to all the methods and I
cannot see any sort of method or reference to get at this info....but
it is illogical to me that the Store doesn't know who the user is, so I know I am missing something.
Please point me in the right direction!
Ollie
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
