Raphael, is is the isUserLoggedIn() that returns false or the isUserAdmin()? If the first returns false but the second returns true (which would make SOME sense I guess!) then you could refactor your code to only run if isUserAdmin() is true, rather than them both having to be true.
I have no idea, just a guess I'm afraid. Mat. On 9 December 2011 23:45, hendrix.jason <hendrix.ja...@gmail.com> wrote: > There is probably a better way, but you could look at the user agent > string (I see in my logs that the user agent string for pages launched > by cron look like "AppEngine-Google; (+http://code.google.com/ > appengine)". > > Also, cron jobs are executed as admin. You may be able to use the > "userService.isUserAdmin()" functionality, although I haven't tested > that. > > Thanks, > Jason > > On Dec 8, 5:08 am, Raphael André Bauer <raphael.andre.ba...@gmail.com> > wrote: > > Hi, > > > > I am currently trying to secure my urls that are accessed by cron jobs / > tasks. > > > > Normally I would use web.xml like that: > > > > <security-constraint> > > <web-resource-collection> > > <web-resource-name>Protected Area</web-resource-name> > > <url-pattern>/cron/*</url-pattern> > > </web-resource-collection> > > <auth-constraint> > > <role-name>admin</role-name> > > </auth-constraint> > > </security-constraint> > > > > However, I got a constraint, where these urls should be allowed to be > > triggered by other authentification mechanisms. > > > > Therefore I tried to use the UserService if a authenticated user is > > hitting the url. I though cron is an authenticated user... > > > > UserService userService = UserServiceFactory.getUserService(); > > > > if (!userService.isUserLoggedIn()) { > > > > //do nothing > > > > > > > > } else if (!userService.isUserAdmin()) { > > //do nothing > > } > > > > //allow stuff to work... > > > > } > > > > But I do not get a logged in user when cron is programmatically hitting > my urls. > > > > Is there a way to determine if google app engine is hitting my urls > > without using web.xml security constraints? > > > > Thanks, > > > > Best, > > > > Raphael > > -- > You received this message because you are subscribed to the Google Groups > "Google App Engine for Java" group. > To post to this group, send email to > google-appengine-java@googlegroups.com. > To unsubscribe from this group, send email to > google-appengine-java+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/google-appengine-java?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Google App Engine for Java" group. To post to this group, send email to google-appengine-java@googlegroups.com. To unsubscribe from this group, send email to google-appengine-java+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-appengine-java?hl=en.