See my response here:
http://www.nabble.com/forum/ViewPost.jtp?post=5376367&framed=y&skin=2369
On 5/15/07, tibi <[EMAIL PROTECTED]> wrote:
apart from this :(
when i use my application this will work:
    public boolean loggedInUserHasRole(String roleName) {
        if (SecurityContextHolder.getContext() != null) {
            Authentication auth = SecurityContextHolder.getContext().getAuthentication();
            if (auth != null) {
                UserDetails user = ((UserDetails) auth.getPrincipal());
                for (int i = 0; i < user.getAuthorities().length; i++) {
                    if (user.getAuthorities()[i].getAuthority().equals(roleName)) {
                        return true;
                    }
                }
            }
        }
        return false;
    }
but when i run my test this will fail:
    UserDetails user = ((UserDetails) auth.getPrincipal());
because user is a string and not a UserDetails object??
tibi
tibi wrote:
> used this:
> http://raibledesigns.com/downloads/appfuse/api/org/appfuse/service/UserSecurityAdviceTest.java.html
>
> worked perfect...
>
> tibi wrote:
>> thanks
>>
>> tibi
>>
>> Michael Horwitz wrote:
>>>
>>>
>>> On 5/15/07, *tibi* <[EMAIL PROTECTED]> wrote:
>>>
>>> thanks. so i will use the last one.
>>>
>>> can i test this method from a junit test? or a baseActionTest.
>>> and how can i login?
>>>
>>>
>>> Yes, as long as you set up the ACEGI security context. See
>>> UserSecurityAdviceTest in the AppFuse source for an example of how
>>> this can be done.
>>>
>>> Mike.
>>>
>>> tibi
>>>
>>> Michael Horwitz wrote:
>>> > The first version is only useful where you have access to the request
>>> > object. This is not always the case, particularly in the service
>>> > layer. The second version works throughout the call stack and returns
>>> > the logged in user as per ACEGI. As far as I know they should always
>>> > return the same value, but there may be special circumstances where
>>> > this is not the case?
>>> >
>>> > Mike.
>>> >
>>> > On 5/15/07, *tibi* <[EMAIL PROTECTED]> wrote:
>>> >
>>> > what is the difference between:
>>> >
>>> > request.getRemoteUser()
>>> >
>>> > and this
>>> >
>>> >     public String getLoggedInUserName() {
>>> >         if (SecurityContextHolder.getContext() != null) {
>>> >             Authentication auth =
>>> >                 SecurityContextHolder.getContext().getAuthentication();
>>> >             if (auth != null) {
>>> >                 UserDetails user = ((UserDetails) auth.getPrincipal());
>>> >                 if (user != null) {
>>> >                     return user.getUsername();
>>> >                 }
>>> >             }
>>> >         }
>>> >         return null;
>>> >     }
>>> >
>>> > i found both of them on the net ...
>>> >
>>> > tibi
>>> >
>>> > tibi wrote:
>>> > > jep... as i understood it the method was already in.
>>> > > the request.getRemoteUser works fine
>>> > >
>>> > > tibi
>>> > >
>>> > > Matt Raible wrote:
>>> > >> The bug you reference was to add a convenience method to get the
>>> > >> user's username. However, since it's easy enough to get with
>>> > >> request.getRemoteUser(), I didn't add it.
>>> > >>
>>> > >> Does this answer your question?
>>> > >>
>>> > >> Matt
>>> > >>
>>> > >>
>>> > >> On 5/8/07, tibi <[EMAIL PROTECTED]> wrote:
>>> > >>>
>>> > >>> i just stumbled upon this bug report:
>>> > >>> http://issues.appfuse.org/browse/APF-650
>>> > >>>
>>> > >>> as i understand it the first user is saying that
>>> > >>> the method setCurrentUser should be renamed to setCurrentUserName
>>> > >>> because you are not setting the user but only his or her name.
>>> > >>> and the getCurrentUser should be changed to getCurrentUserName etc...
>>> > >>>
>>> > >>> but i think at this moment the methods are gone all to getter right?
>>> > >>>
>>> > >>> and super.getRequest().getRemoteUser() should be used?
>>> > >>>
>>> > >>> tibi
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
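
Added example, not part of the original thread or of AppFuse: a role check that reads the granted authorities from the Authentication itself, so it returns the same answer whether the principal is a String (as in the failing test) or a UserDetails, and returns false when nothing is authenticated. It assumes the Acegi Security 1.0.x package names (org.acegisecurity); the class RoleCheckExample, the helper loginAs and the user and role names are constructed for illustration.

```java
import org.acegisecurity.Authentication;
import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.GrantedAuthorityImpl;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
import org.acegisecurity.userdetails.User;

public class RoleCheckExample {

    /** Role check based on Authentication.getAuthorities(), with no cast of the principal. */
    public static boolean loggedInUserHasRole(String roleName) {
        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
        // Fail closed: no role name, no authentication, or an unauthenticated token means "no".
        if (roleName == null || auth == null || !auth.isAuthenticated()
                || auth.getAuthorities() == null) {
            return false;
        }
        GrantedAuthority[] granted = auth.getAuthorities();
        for (int i = 0; i < granted.length; i++) {
            if (roleName.equals(granted[i].getAuthority())) {
                return true;
            }
        }
        return false;
    }

    /** Hypothetical helper: installs a constructed Authentication, as a test's setUp() would. */
    static void loginAs(Object principal, GrantedAuthority[] roles) {
        SecurityContextHolder.getContext().setAuthentication(
                new UsernamePasswordAuthenticationToken(principal, "password", roles));
    }

    public static void main(String[] args) {
        GrantedAuthority[] roles = { new GrantedAuthorityImpl("ROLE_ADMIN") };
        try {
            // Case 1: principal is a plain String; a cast to UserDetails would throw here.
            loginAs("tester", roles);
            System.out.println("String principal, ROLE_ADMIN: " + loggedInUserHasRole("ROLE_ADMIN"));
            // Case 2: principal is a UserDetails, as in the running application.
            loginAs(new User("tester", "password", true, true, true, true, roles), roles);
            System.out.println("UserDetails principal, ROLE_USER: " + loggedInUserHasRole("ROLE_USER"));
            // Case 3: no authentication in the context at all.
            SecurityContextHolder.clearContext();
            System.out.println("No authentication, ROLE_ADMIN: " + loggedInUserHasRole("ROLE_ADMIN"));
        } finally {
            // Always clear the thread-bound context so it cannot leak into later tests.
            SecurityContextHolder.clearContext();
        }
    }
}
```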