I have a very similar situation in my own application where our workflow 
engine can invoke (Acegi protected) service methods from a background task.  
This also arises when you are using JMS - your message receiver will execute 
without any user context, and yet often you need to call into service methods 
to handle the JMS message.  I'm not sure if this is the best approach, but in 
the case of our workflow engine, we created a specific workflow user.  In the 
case of JMS messages we encrypt the user's credentials into each message.  In 
the message handler we authenticate against those credentials for the 
duration of the message handler (the user is automatically unauthenticated 
once the message handler exits).

  - Andy

On Friday 10 June 2005 01:31 am, Marco Mistroni wrote:
> Hello all,
>  i have a webapp (spring-based) that is used to insert some entries in
> a MYSQL database via a PersistenceManager.
> I recently came across Acegi and i want to use it in my application,
> so proper place in which put permissions will be PersistenceManager.
> There is however a small problem with that.
> In my application, i am using Quartz job scheduler, and some of the
> jobs scheduled use PersistenceManager in order to update my database
> (yes, i am lazy, i have my code update the database for me
> automatically)..
> now, here is the challenge: normally, an user logs in and insert
> entries in the database via webinterface, and so Acegi can
> authenticate and authorize the user.
> But when Quartz launches the Job that updates the database, user does
> not need to log in since the job is fired automatically.
> And in this case, i must skip authorization at all, since if a job has
> been scheduled, that means that the user that did it (via the web
> interface) had the rights to do that.
> Thing is that if i use Acegi interceptor and apply it to
> PersistenceManager, that interceptor will be invoked also from the
> Quartz Job, since ultimately the Quartz Job calls PersistenceManager.
> In my view i have two possible solutions:
> 1 - since i can grab the user that scheduled the job, i can try to
> 'authenticate' and authorize it via Acegi  since in my QuartzJob i can
> get hold of Spring context
> 2 - make so that when the Quartz Job invokes PersistenceManager, a
> special user is used so that the operation on PersistenceManager is
> allowed
>
> But i don't know the code to write for doing either 1 or 2.
> anyone can help and give me suggestions?
>
> thanx in advance and regards
>   marco
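
The pattern described in the reply above (authenticate a dedicated account only for the duration of the background task, then drop it) could look like the following. This is an added example, not code from the thread or from the Acegi project. `RunAsTemplate` is a hypothetical helper, and the package and class names assume Acegi Security 1.0.x and may differ in other releases.

```java
import org.acegisecurity.Authentication;
import org.acegisecurity.AuthenticationManager;
import org.acegisecurity.context.SecurityContext;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.context.SecurityContextImpl;
import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;

/** Hypothetical helper (not part of Acegi): runs a task as a given account on the current thread. */
public class RunAsTemplate {

    private final AuthenticationManager authenticationManager;

    // Assumption: this is the AuthenticationManager bean already configured in the Spring context.
    public RunAsTemplate(AuthenticationManager authenticationManager) {
        this.authenticationManager = authenticationManager;
    }

    /**
     * Credentials are supplied by the caller: a configured workflow/job account,
     * or the values decrypted from a JMS message.
     */
    public void runAs(String username, String password, Runnable task) {
        // Authenticate through the normal provider chain, so a disabled, locked or
        // wrong-password account fails here (AuthenticationException is thrown)
        // before any protected method is reached.
        Authentication result = authenticationManager.authenticate(
                new UsernamePasswordAuthenticationToken(username, password));

        SecurityContext previous = SecurityContextHolder.getContext();
        SecurityContext scoped = new SecurityContextImpl();
        scoped.setAuthentication(result);
        SecurityContextHolder.setContext(scoped);
        try {
            // The method security interceptor now sees the authenticated account.
            task.run();
        } finally {
            // Scheduler and listener threads are pooled: restore the previous context
            // even when the task throws, otherwise the next job or message handled
            // on this thread would inherit this identity.
            SecurityContextHolder.setContext(previous);
        }
    }
}
```

A Quartz job or JMS listener would wrap its call into the protected service in `runAs(...)`. Giving the job account only the authorities its jobs need keeps the interceptor's checks meaningful for background work.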


_______________________________________________
Home: http://acegisecurity.sourceforge.net
Acegisecurity-developer mailing list
Acegisecurity-developer@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
