Hi,
as I understand, currently all RPC calls go under an anonymous identity,
e.g.
public Vector getRecentChanges( Date since )
{
checkPermission( PagePermission.VIEW );
...
If you'd extend the method signature with user/pass, how'd you log in the
subject?
I tried
Subject subject = new Subject();
Principal p = new WikiPrincipal( username, WikiPrincipal.LOGIN_NAME );
subject.getPrincipals().add( p );
PrivilegedExceptionAction action = new PrivilegedExceptionAction() {
public String run() throws Exception
{
checkPermission( PagePermission.VIEW );
but still the check is against an anonymous user.
Thanks,
Juergen
--
View this message in context:
http://old.nabble.com/RPC-Authentication-tp27592918p27592918.html
Sent from the JspWiki - User mailing list archive at Nabble.com.
