2006/3/16, Caldarale, Charles R <[EMAIL PROTECTED]>:
> ??? That doesn't make any sense to me. There may be may users
> connected to Tomcat at any given time; if you don't get the one
> corresponding to a specific request (or associated session), what do you
> think you're getting?
well, I don't know how it works, but it works! In Jboss I mean. The
method I was talking about is as follows:
public static Principal getPrincipal()
{
SecurityManager sm = System.getSecurityManager();
if (sm != null)
sm.checkPermission(getPrincipalInfoPermission);
if (peekRunAsIdentity() != null)
return peekRunAsIdentity();
if (server)
return (Principal) threadPrincipal.get();
else
return principal;
}
No (visible) reference to the session of the user, but if invoked it
returns the correct user principal. It's useful in all those
situations you don't have the session, like helper classes, and you
don't want an additional argument to your method (like a String
session ID). It allows writing simpler and cleaner code.
--
TREMALNAIK
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
