You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@shiro.apache.org by Ryan McKinley <ry...@gmail.com> on 2009/03/28 04:21:21 UTC
JSecurityFilter.SECURITY_MANAGER_CONTEXT_KEY
In an effort to answer a previous question -- how to get the current
SecurityManager in a WebApp, I stumbled into:
JSecurityFilter.SECURITY_MANAGER_CONTEXT_KEY
It *seems* like a key in the servlet context for the Manager, but I
don't see it set anywhere and don't get any results with:
WebApplication.get().getServletContext().getAttribute(
JSecurityFilter.SECURITY_MANAGER_CONTEXT_KEY );
Am i missing something?
Thanks again!
ryan
Re: JSecurityFilter.SECURITY_MANAGER_CONTEXT_KEY
Posted by Ryan McKinley <ry...@gmail.com>.
Makes sense, I was just temped to use it since it features so
prominently in the SecurityUtils class.
Also, i thought it would be interesting to have runtime debug info
telling you the SecurityManager state/settings. This is more as a
learning exercise then a real use case.
On Mar 28, 2009, at 3:36 PM, Les Hazlewood wrote:
> That apparently isn't being used anymore - I need to remove it. In
> short, the SecurityManager instance is bound to the currently
> executing thread for use in the SecurityUtils implementation. It
> really shouldn't be accessed inside of GUI code.
>
> Instead, SecurityUtils.getSubject() should be used for everything
> related to the currently executing subject, aka 'user'.
>
> On Fri, Mar 27, 2009 at 11:21 PM, Ryan McKinley <ry...@gmail.com>
> wrote:
> In an effort to answer a previous question -- how to get the current
> SecurityManager in a WebApp, I stumbled into:
> JSecurityFilter.SECURITY_MANAGER_CONTEXT_KEY
>
> It *seems* like a key in the servlet context for the Manager, but I
> don't see it set anywhere and don't get any results with:
>
> WebApplication.get().getServletContext().getAttribute(
> JSecurityFilter.SECURITY_MANAGER_CONTEXT_KEY );
>
>
> Am i missing something?
>
> Thanks again!
> ryan
>
Re: JSecurityFilter.SECURITY_MANAGER_CONTEXT_KEY
Posted by Les Hazlewood <lh...@apache.org>.
That apparently isn't being used anymore - I need to remove it. In short,
the SecurityManager instance is bound to the currently executing thread for
use in the SecurityUtils implementation. It really shouldn't be accessed
inside of GUI code.
Instead, SecurityUtils.getSubject() should be used for everything related to
the currently executing subject, aka 'user'.
On Fri, Mar 27, 2009 at 11:21 PM, Ryan McKinley <ry...@gmail.com> wrote:
> In an effort to answer a previous question -- how to get the current
> SecurityManager in a WebApp, I stumbled into:
> JSecurityFilter.SECURITY_MANAGER_CONTEXT_KEY
>
> It *seems* like a key in the servlet context for the Manager, but I don't
> see it set anywhere and don't get any results with:
>
> WebApplication.get().getServletContext().getAttribute(
> JSecurityFilter.SECURITY_MANAGER_CONTEXT_KEY );
>
>
> Am i missing something?
>
> Thanks again!
> ryan
>