Hi Andrew,
I had tried that:
AuthenticationManager authenticationManager =
m_engine.getAuthenticationManager();
WikiSession wikiSession = m_context.getWikiSession();
authenticationManager.login( wikiSession, null, username, password );
checkPermission( PagePermission.UPLOAD );
org.apache.xmlrpc.AuthenticationFailed: You have no access to this resource,
o master
at
com.ecyrd.jspwiki.xmlrpc.AbstractRPCHandler.checkPermission(AbstractRPCHandler.java:119)
at
com.ecyrd.jspwiki.xmlrpc.RPCHandler.storeAttachment(RPCHandler.java:175)
>From the usual wiki web gui I can upload with this user/pass.
I use container-managed auth with Tomcat 6.
Juergen
Andrew Jaquith-4 wrote:
>
> Juergen -- you need to use the AuthenticationManager.login() methods.
>
> Andrew
>
> On Mon, Feb 15, 2010 at 7:02 AM, Juergen Weber <[email protected]> wrote:
>>
>> Hi,
>>
>> as I understand, currently all RPC calls go under an anonymous identity,
>> e.g.
>>
>> public Vector getRecentChanges( Date since )
>> {
>> checkPermission( PagePermission.VIEW );
>> ...
>>
>> If you'd extend the method signature with user/pass, how'd you log in the
>> subject?
>>
>> I tried
>>
>> Subject subject = new Subject();
>> Principal p = new WikiPrincipal( username, WikiPrincipal.LOGIN_NAME );
>> subject.getPrincipals().add( p );
>>
>> PrivilegedExceptionAction action = new PrivilegedExceptionAction() {
>> public String run() throws Exception
>> {
>> checkPermission( PagePermission.VIEW );
>>
>> but still the check is against an anonymous user.
>>
>> Thanks,
>> Juergen
>>
>> --
>> View this message in context:
>> http://old.nabble.com/RPC-Authentication-tp27592918p27592918.html
>> Sent from the JspWiki - User mailing list archive at Nabble.com.
>>
>>
>
>
--
View this message in context:
http://old.nabble.com/RPC-Authentication-tp27592918p27652580.html
Sent from the JspWiki - User mailing list archive at Nabble.com.
