[gatein-issues] [JBoss JIRA] Created: (GTNPORTAL-60) Access to wrong user profile during a portlet request
Julien Viet (JIRA)
jira-events at lists.jboss.org
Sat Oct 24 19:33:05 EDT 2009
Access to wrong user profile during a portlet request
-----------------------------------------------------
Key: GTNPORTAL-60
URL: https://jira.jboss.org/jira/browse/GTNPORTAL-60
Project: GateIn Portal
Issue Type: Task
Reporter: Julien Viet
Assignee: Boleslaw Dawidowicz
Fix For: 3.0.0-CR01
In class org.exoplatform.portal.webui.application.UIPortlet I can read the following code:
UIPortalApplication uiPortalApp = getAncestorOfType(UIPortalApplication.class);
UserProfile userProfile = service.getUserProfileHandler().findUserProfileByName(uiPortalApp.getOwner());
which seems to be problematic for several reasons:
1/ the uiPortalApp.getOwner() always return "classic", whatever the identity is (even anonymous)
2/ when the user is anonymous, there is a profile lookup although there should not since it looks for "classic"
I have replaced this code with
String user = prc.getRemoteUser();
UserProfile userProfile = null;
if (user != null)
{
userProfile = service.getUserProfileHandler().findUserProfileByName(user);
}
that seems more correct.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the gatein-issues
mailing list