hello Andy, thanx a lot!!! regards marco
On 6/20/05, Andy Depue <[EMAIL PROTECTED]> wrote: > As I originally mentioned, in one particular case we created a special user > just for our background task (because it made sense in this particular > context). So, assuming you have already created a user in your system for > the background task, I can share the code we use to "log in" as a user. > Note, that this code works with Acegi v. 0.8.2, and I'm not sure if it has > changed for later versions. > First, you are going to need an AuthenticationManager, which is usually setup > in your Spring configuration. In our security facade, we keep a reference to > the AuthenticationManager: > > ----- > > ... > > private AuthenticationManager authenticationManager; > > ... > > public AuthenticationManager getAuthenticationManager() > { > return this.authenticationManager; > } > > public void setAuthenticationManager(final AuthenticationManager > authenticationManager) > { > this.authenticationManager = authenticationManager; > } > > ----- > > We then use Spring to inject a reference of the AuthenticationManager into our > security facade bean. > > We then have an "authenticateUser" method that goes something like this: > > > ----- > public void authenticateUser(final String principal, > final String credentials) > { > final UsernamePasswordAuthenticationToken request = new > UsernamePasswordAuthenticationToken(principal, credentials); > final Authentication result = > getAuthenticationManager().authenticate(request); > > // Setup a secure ContextHolder (if required) > if(ContextHolder.getContext() == null || !(ContextHolder.getContext() > instanceof SecureContext)) { > try { > ContextHolder.setContext(new SecureContextImpl()); > } catch(Exception e) { > throw new RuntimeException(e); > } > } > > // Commit the successful Authentication object to the secure > // ContextHolder > final SecureContext sc = (SecureContext) ContextHolder.getContext(); > sc.setAuthentication(result); > ContextHolder.setContext(sc); > } > ----- > > > We then have a matching "unauthenticateUser()" method: > > ----- > public void unauthenticateUser() > { > // Make the Authentication object null if a SecureContext exists > if(ContextHolder.getContext() != null && ContextHolder.getContext() > instanceof SecureContext) { > SecureContext sc = (SecureContext) ContextHolder.getContext(); > sc.setAuthentication(null); > ContextHolder.setContext(sc); > } > } > ----- > > > Note that we wrote this code way back when Acegi will still young, so it might > be the case that Acegi now has utility methods somewhere that do this for > you. I haven't looked recently, so maybe someone can comment. > We also wrote some support interfaces to allow subsystems to authenticate > themselves in a safer manner, but it is a lot of code. So, for now, I will > show you what it all basically boils down to. In your background process, > you would do something like this: > > ----- > securityFacade.authenticateUser(subsystemUserName, subsystemCredentials); > try { > // Background process code goes here > ... > } finally { > securityFacade.unauthenticateUser(); > } > ----- > > - Andy > > On Monday 20 June 2005 09:26 am, Marco Mistroni wrote: > > Hello, > > few time ago Mr Andy Depue reply tomy message on how to use > > acegi in a situation where the user does not log in, (for example in > > the case in which a background process - cron like - periodically > > executes. > > In this situation, how will i create a contextHoldert to associate it > > with the call? > > how will i create a 'default user' (from javacode) so that i can > > safely call my code and being authorized by acegi? > > > > any help? > > > > thanx in advance and regards > > marco > > > ------------------------------------------------------- > SF.Net email is sponsored by: Discover Easy Linux Migration Strategies > from IBM. Find simple to follow Roadmaps, straightforward articles, > informative Webcasts and more! Get everything you need to get up to > speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click > _______________________________________________ > Home: http://acegisecurity.sourceforge.net > Acegisecurity-developer mailing list > Acegisecurity-developer@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer > ------------------------------------------------------- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_idt77&alloc_id492&op=click _______________________________________________ Home: http://acegisecurity.sourceforge.net Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer