You are viewing a plain text version of this content. The canonical link for it is here.
Posted to pluto-user@portals.apache.org by Pavel <pa...@gmail.com> on 2007/07/20 17:32:48 UTC
Authentication. getRemoteUser?
Hi,
I'm implementing my own authentication in my portal and I'd like it to
propagate to portlets. AFAIU request.getRemoteUser() is the only
JSR-168ish way... Is there any way to control it? I don't see anything
in the Pluto SPI, and the implementation of the PortletRequest just gets
the RemoteUser straight from HttpServletRequest. But according to
PLT.11.1.6 of JSR-168 spec I should be able to implement my own AuthType.
Are there any plans for an optional AuthenticationService?
Thanks,
Pavel
Re: Authentication. getRemoteUser?
Posted by Pavel J <pa...@gmail.com>.
Thanks Ben, I'll give it a try.
--
Pavel Jbanov
On 7/21/07, Benjamin Gould <be...@netsos.com> wrote:
>
> Pavel,
>
> Even without an AuthenticationService, I think that there is a hook in
> the SPI that you can use to do this. If you extend
> org.apache.pluto.core.DefaultPortletEnvironmentService, you can control
> the implementations of ActionRequest and RenderRequest that are
> utilized. Thus, you could extend ActionRequestImpl and
> RenderRequestImpl to provide your own version of getRemoteUser() as
> needed.
>
> -- Ben
>
> On Fri, 2007-07-20 at 09:32 -0600, Pavel wrote:
> > Hi,
> >
> > I'm implementing my own authentication in my portal and I'd like it to
> > propagate to portlets. AFAIU request.getRemoteUser() is the only
> > JSR-168ish way... Is there any way to control it? I don't see anything
> > in the Pluto SPI, and the implementation of the PortletRequest just gets
> > the RemoteUser straight from HttpServletRequest. But according to
> > PLT.11.1.6 of JSR-168 spec I should be able to implement my own
> AuthType.
> >
> > Are there any plans for an optional AuthenticationService?
> >
> > Thanks,
> >
> > Pavel
> >
>
>
--
Pavel
Re: Authentication. getRemoteUser?
Posted by Benjamin Gould <be...@netsos.com>.
Pavel,
Even without an AuthenticationService, I think that there is a hook in
the SPI that you can use to do this. If you extend
org.apache.pluto.core.DefaultPortletEnvironmentService, you can control
the implementations of ActionRequest and RenderRequest that are
utilized. Thus, you could extend ActionRequestImpl and
RenderRequestImpl to provide your own version of getRemoteUser() as
needed.
-- Ben
On Fri, 2007-07-20 at 09:32 -0600, Pavel wrote:
> Hi,
>
> I'm implementing my own authentication in my portal and I'd like it to
> propagate to portlets. AFAIU request.getRemoteUser() is the only
> JSR-168ish way... Is there any way to control it? I don't see anything
> in the Pluto SPI, and the implementation of the PortletRequest just gets
> the RemoteUser straight from HttpServletRequest. But according to
> PLT.11.1.6 of JSR-168 spec I should be able to implement my own AuthType.
>
> Are there any plans for an optional AuthenticationService?
>
> Thanks,
>
> Pavel
>