As I originally mentioned, in one particular case we created a special user
just for our background task (because it made sense in this particular
context). So, assuming you have already created a user in your system for
the background task, I can share the code we use to "log in" as a user.
Note, that this code works with Acegi v. 0.8.2, and I'm not sure if it has
changed for later versions.
First, you are going to need an AuthenticationManager, which is usually setup
in your Spring configuration. In our security facade, we keep a reference to
the AuthenticationManager:
-----
...
private AuthenticationManager authenticationManager;
...
public AuthenticationManager getAuthenticationManager()
{
return this.authenticationManager;
}
public void setAuthenticationManager(final AuthenticationManager
authenticationManager)
{
this.authenticationManager = authenticationManager;
}
-----
We then use Spring to inject a reference of the AuthenticationManager into our
security facade bean.
We then have an "authenticateUser" method that goes something like this:
-----
public void authenticateUser(final String principal,
final String credentials)
{
final UsernamePasswordAuthenticationToken request = new
UsernamePasswordAuthenticationToken(principal, credentials);
final Authentication result =
getAuthenticationManager().authenticate(request);
// Setup a secure ContextHolder (if required)
if(ContextHolder.getContext() == null || !(ContextHolder.getContext()
instanceof SecureContext)) {
try {
ContextHolder.setContext(new SecureContextImpl());
} catch(Exception e) {
throw new RuntimeException(e);
}
}
// Commit the successful Authentication object to the secure
// ContextHolder
final SecureContext sc = (SecureContext) ContextHolder.getContext();
sc.setAuthentication(result);
ContextHolder.setContext(sc);
}
-----
We then have a matching "unauthenticateUser()" method:
-----
public void unauthenticateUser()
{
// Make the Authentication object null if a SecureContext exists
if(ContextHolder.getContext() != null && ContextHolder.getContext()
instanceof SecureContext) {
SecureContext sc = (SecureContext) ContextHolder.getContext();
sc.setAuthentication(null);
ContextHolder.setContext(sc);
}
}
-----
Note that we wrote this code way back when Acegi will still young, so it might
be the case that Acegi now has utility methods somewhere that do this for
you. I haven't looked recently, so maybe someone can comment.
We also wrote some support interfaces to allow subsystems to authenticate
themselves in a safer manner, but it is a lot of code. So, for now, I will
show you what it all basically boils down to. In your background process,
you would do something like this:
-----
securityFacade.authenticateUser(subsystemUserName, subsystemCredentials);
try {
// Background process code goes here
...
} finally {
securityFacade.unauthenticateUser();
}
-----
- Andy
On Monday 20 June 2005 09:26 am, Marco Mistroni wrote:
> Hello,
> few time ago Mr Andy Depue reply tomy message on how to use
> acegi in a situation where the user does not log in, (for example in
> the case in which a background process - cron like - periodically
> executes.
> In this situation, how will i create a contextHoldert to associate it
> with the call?
> how will i create a 'default user' (from javacode) so that i can
> safely call my code and being authorized by acegi?
>
> any help?
>
> thanx in advance and regards
> marco
-------------------------------------------------------
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click
_______________________________________________
Home: http://acegisecurity.sourceforge.net
Acegisecurity-developer mailing list
Acegisecurity-developer@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
