Ronald Wildenberg wrote:
> In these methods I can obtain the current security implementation
> (MMBase.getMMBase().getMMBaseCop().getAuthorization()), I can obtain the
> cloud (request.getSession().getAttribute("cloud_mmbase")) and from the
> cloud I can obtain the user (cloud.getUser()). However, this user is an
> implementation of org.mmbase.bridge.User. All methods in the authorization
> implementation only accept an org.mmbase.security.UserContext that cannot
> be obtained by any means.
>
> I would like to call myAuthorization.check(UserContext, int, Operation)
> from this method, but this is impossible.
>
> Does anyone have a solution for this problem?
I do think it was a bad idea that Cloud#getUser() does not simply return a
org.mmbase.security.UserContext object, which would make life a lot simpler. I'd +1 if
the
optimization project would suggest to change that (in other words, make security
interfaces somehow
a part of bridge, or er, let security implement some bridge interfaces.)
I think you'll currently would end up reconstructing your UserContext using
cloud.User#getIdentifier
after all. You say that that is not possible. Why not?
Why don't you simply implement check? The UserContext is an argument then? I mean, why
are you
calling the security methods yourself in the first place? Perhaps I don't quite
understand your problem....
Michiel
--
Michiel Meeuwissen mihxil'
Mediacentrum 140 H'sum [] ()
+31 (0)35 6772979 nl_NL eo_XX en_US
