Hi,

i'd like to know if there's a way to recover the authenticated username in my BizDocument? Is this information delayed from Spring to XAware after authentication?

Charles

Hi,

after digging in the source code i finally discover that the class org.xaware.server.security.SecurityManager.java is doing the ressource role validation and have access to the org.xaware.server.security.XALoginContext that have the current logged in user and his roles. This information is based on the user that logged in by the HTTP Connector trough Spring Security.

So I added this few lines :

Code:

// Add user information in the connectorProperties String username = XALoginContext.getUsername(); invocationParams.connectorProperties.setProperty("ExecuteUserId",username); String userRoles = XALoginContext.getRoleList(); invocationParams.connectorProperties.setProperty("ExecuteUserRoles",userRoles);

to the org.xaware.server.connector.servlet.XAServlet.java in the method getInvocationParamsFromRequest to have access to this information in my bizDocuments to be able to do some content filtering whitout having to pass the username as a parameter from the client.

I would have prefer not to play in the code, but I really needed that information and this is the only way I found to access it. If you have better suggestion or improvements I could make, I'm open to suggestions!

Charles

Charles, we have written custom functoids for specific customer projects in the past for this purpose. I like your approach better, having the information saved in a connector property. We'll try and get a similar enhancement scheduled into the development process.

Thanks,

-Kirstan