Juergen -- you need to use the AuthenticationManager.login() methods. Andrew
On Mon, Feb 15, 2010 at 7:02 AM, Juergen Weber <[email protected]> wrote: > > Hi, > > as I understand, currently all RPC calls go under an anonymous identity, > e.g. > > public Vector getRecentChanges( Date since ) > { > checkPermission( PagePermission.VIEW ); > ... > > If you'd extend the method signature with user/pass, how'd you log in the > subject? > > I tried > > Subject subject = new Subject(); > Principal p = new WikiPrincipal( username, WikiPrincipal.LOGIN_NAME ); > subject.getPrincipals().add( p ); > > PrivilegedExceptionAction action = new PrivilegedExceptionAction() { > public String run() throws Exception > { > checkPermission( PagePermission.VIEW ); > > but still the check is against an anonymous user. > > Thanks, > Juergen > > -- > View this message in context: > http://old.nabble.com/RPC-Authentication-tp27592918p27592918.html > Sent from the JspWiki - User mailing list archive at Nabble.com. > >
