geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jian Liao <>
Subject PolicyContext does not switch, when a crosscontext include occur
Date Tue, 17 Jan 2006 04:44:25 GMT
Hi all,
Jsr-168 Portlet specification allow user use PortletRequestDispatcher to
include Servlet or Jsp resource (PLT.16) and Jetspeed-2 leverage Servlet
Dispatching Requests mechanism to support it(SRV.8).
For example, my portal webApp context is jetspeed and there also has a
portlet application with demo as its context.

        |              |
isUserInRole() in it)

When there is a request for the portal like this:
http://localhost:8080/jetspeed, Jetspeed-2 will call
requestDispatcher.include(servletRequest, servletResponse) to include
content generate from roles.jsp. When the code run to Line 79 in, I found that PolicyContext.getContextID() will return
contextId for jetspeed.war, not the one I expect(context if for demo.war),
then the following jacc evaluation fail.

If Geronimo does not switch PolicyContext, my only workaround is to define
all portlet applcation's security role and security-constraints in
jetspeed.war's web.xml and it break PLT.20.2, PLT.20.3 and PLT.20.4.

Any help would be appreciated.

- Jian Liao

View raw message