Announcement Announcement Module
Collapse
No announcement yet.
Startup servlet problem with autentication Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Startup servlet problem with autentication

    Hi,
    I wrote startup servlet that do some things when jboss server start, but I have problem because I have to use some of the methods for which acegi check permissions. I have in log this mesage "A valid SecureContext was not provided in the RequestContext". As those methods in this case are called by system not by user how can I bypass that security checking.
    One one mine idea was to make a new user like "System" and to log with it but I don't know how from code to tell acegi that mine startup servlet is that user.
    Finaly I made a methods with same functioanality as methods defined in applicationContext for method invocation autorization but with other name.
    <bean id="managerSecurity"
    class="net.sf.acegisecurity.intercept.method.aopal liance.MethodSecurityInterceptor">
    <property name="authenticationManager">
    <ref bean="authenticationManager" />
    </property>
    <property name="accessDecisionManager">
    <ref local="businessAccessDecisionManager" />
    </property>
    <property name="afterInvocationManager">
    <ref local="afterInvocationManager" />
    </property>
    <property name="objectDefinitionSource">
    <value>
    <!-- ContentManagerAp -->
    com.mypacket.update=ACL_WRITE
    <value>

  • #2
    Have a look at Acegi's RunAsManager. I haven't used it myself, so I cannot give you an example, but have a look at the reference for further information.

    Regards,
    Andreas

    Comment


    • #3
      I have looked that but that is interface that I don't know how to implement.

      Regards
      Goran

      Comment


      • #4
        You don't have to. Have a look at org.acegisecurity.runas.RunAsManagerImpl. There is also a brief description on usage in the API documentation.

        And here a link to the according section in the reference manual.

        Regards,
        Andreas
        Last edited by Andreas Senft; Mar 24th, 2006, 08:48 AM.

        Comment


        • #5
          You just need to set SecurityContextHolder up appropriately whenever your code starts to run. If everything is coordinated from a particular bean, you could just do it within the bean itself, a bit like our anonymous authentication services work.

          Comment

          Working...
          X