My jobs inherit from QuartzJobBean and I override executeInternal.
Inside that method I call another method that configures the
authentication object. In the example below the object that knows what
user to run as is an Application.
private Application app;
...
private void loadApplicationAndSecurityContext(JobExecutionContext
context, ApplicationContext parentAppContext) {
ApplicationDao appDao = (ApplicationDao)
parentAppContext.getBean("applicationDao");
app =
appDao.getApplicationById(context.getMergedJobDataMap().getLongValueFromString(PARENT_APP_KEY));
UserManager userMgr = (UserManager)
parentAppContext.getBean("userManager");
User user = userMgr.getUser(String.valueOf(app.getRunAsUserId()));
Authentication auth = new
UsernamePasswordAuthenticationToken(user, user.getPassword(),
user.getAuthorities());
SecurityContextHolder.getContext().setAuthentication(auth);
}
I believe there is also a way to configure acegi itself to run certain
methods as a particular user in the absence of a Autheticated user.
HTH
kirankeshav wrote:
I was wondering if anyone has used Quartz scheduling with Acegi? More
specifically, we have secured method invocation via acegi (when a secured
method is invoked, the securityServiceInterceptor is invoked and the
Authentication object is checked) in our appfuse based application, and have
quartz running one of these secured methods. The problem is that when quartz
tries to run the method, we get an
org.acegisecurity.AuthenticationCredentialsNotFoundException: An
Authentication object was not found in the SecurityContext
This is expected since quartz itself is not a "user" of the system. In our
webapp, the Authentication obejct is populated when a user logs in. In our
tests, we can programmatically set the user (and corresponding
Authentication object).
To programmatically set the user in our webapp, we would first have to check
to see if the secured method was initially triggered by quartz
(CronExpression) and if so, run as a user with administrator privileges. Is
this possible (we can get objects from Hibernate proxies, but not sure if I
can get the Class, CronExpression in our case, that invokes the secured
method from an
org.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor)?
Alternatively, is there a way to declaratively set an authentication object
on the methods run by the CronExpression (that is, set the principal = admin
when running a method via quartz)?
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
