This is actual code inside a portlet doEdit() :
if(request.getUserPrincipal() != null)
Principal p = request.getUserPrincipal();
getPortletContext().log("UserName : " + p.getName());
getPortletContext().log(" In Admins role : " + request.isUserInRole("Admins"));
getPortletContext().log(" In Users role : " + request.isUserInRole("Users"));
Every call to "isUserInRole" return false
To use JBoss Portal permissions, your portlet should extend JBossPortlet. For a simple example, look at org.jboss.portal.core.portlet.role.RolePortlet. You will check for role permissions like this then:
Ok, thanks, that'll work for now, but this isn't jsr168 compliant, no?
I believe it is. We are extending the framework to some degree allowing for fine-grained security and tying to JAAS.
No, isUserInRole is JSR168 compliant,if it returns always false, it could be a bug, we are not using that feature, we will look at it.
hasPermissions stuff is a JBoss Portal very convenient extension to JSR168 portlets
it is a big in the tomcat/jboss integration.
it has been fixed in jboss-4.0.2beta (not out yet but soon). I have had not tested it yet personnally.
That's more like it...
I've got the same problem with isUserInRole... it returns always false...
Has it been debugged in 2.2 version of the portal, please?
Thanks a lot.
did you declare your role in portlet.xml ?
Oh... I didn't know they had to be declared in portlet.xml...
I read they had to be declared in jboss-portlet.xml... that was the reason they didn't work...
THANKS A LOT... Now it's all simpler!!