On Wed, May 6, 2009 at 4:20 PM, Jordan Zimmerman <[email protected]> wrote:
> >It doesn't pass a > >security token as its not really trying to auth on behalf of any given > >user, and in truth system.listMethods should require no auth. > > The problem is that the AuthenticationServletFilter gets called and, in > turn, calls getSecurityTokenFromRequest(). Without the "st" my container > code can't generate the token. As long as you have an AnonymousAuthenticationHandler (or equivalent) bound you will get a valid "anonymous" security token (one with owner, viewer, and app ids all set to null). > > > Jordan Zimmerman > Principal Software Architect > 831.647.4712 > 831.214.2990 (cell) > [email protected] > > SHOP*COMTM > Shop Smart, Save Big(tm) > www.shop.com > > This message (including any attachments) is intended only for > the use of the individual or entity to which it is addressed and > may contain information that is non-public, proprietary, > privileged, confidential, and exempt from disclosure under > applicable law or may constitute as attorney work product. > If you are not the intended recipient, you are hereby notified > that any use, dissemination, distribution, or copying of this > communication is strictly prohibited. If you have received this > communication in error, notify us immediately by telephone and > (i) destroy this message if a facsimile or (ii) delete this > message > immediately if this is an electronic communication. > > Thank you. >
