Hi there,
somehow I'm stuck here:
We do have a pre-packaged Tomcat 6 which contains our new CMS, running
on Gentoo Linux.
The ROOT-app contains the aboved mentioned CMS.
Now I do have to integrate some legacy servlets residing each in it's
own Context, and for aurthorization-issues I have to access some
sesson-attributes.
I have enabled the SingleSignOnValve (although authorization is
handled via some Spring-stuff) but I thought it is needed to share the
session among different contexts.
I wrote a very simple test-servlet, which should dump the session-attributes:
protected void doGet(HttpServletRequest aRequest, HttpServletResponse
aResponse) throws ServletException, IOException {
PrintWriter out = aResponse.getWriter();
out.println ("Auth-Type:" + aRequest.getAuthType());
out.println ("Remote User:" + aRequest.getRemoteUser());
Principal prince = aRequest.getUserPrincipal();
if (prince == null) {
out.println ("Principal is null");
} else {
out.println ("Principal:" + prince.getName());
}
HttpSession session = aRequest.getSession();
if (session != null) {
Enumeration<String> e = session.getAttributeNames();
while (e.hasMoreElements()) {
String attName = e.nextElement();
out.println ("Attribute " + attName +
", value:" +
session.getAttribute(attName));
}
JahiaUser user =
(JahiaUser)aRequest.getSession().getAttribute("org.jahia.usermanager.jahiauser");
JahiaSite site =
(JahiaSite)aRequest.getSession().getAttribute("org.jahia.services.sites.jahiasite");
if (site != null && user != null) {
int siteID = site.getID();
out.println (user.isMemberOfGroup(siteID,
"users") ?
"authorized":"not authorized");
}
} else {
out.println ("session is null!");
}
out.close();
}
I do understand that there's not Primcipal since it's not
container-based security, but I was expecting that all attributes
which can be retrieved from within the ROOT-context would show up in
different Contexts also.
However, they don't.
Sure, chances are I have some musconfiguration here, but could
somebody simply tell me what I have to do to share session-attributes
between different Contexts?
Is my modus operandi correct or isn't it possible in general?
TIA
Gregor
--
just because you're paranoid, don't mean they're not after you...
gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2
gpgp-key available
@ http://pgpkeys.pca.dfn.de:11371
@ http://pgp.mit.edu:11371/
skype:rc46fi
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
