Access to wrong user profile during a portlet request ----------------------------------------------------- Key: GTNPORTAL-60 URL: https://jira.jboss.org/jira/browse/GTNPORTAL-60 Project: GateIn Portal Issue Type: Task Reporter: Julien Viet Assignee: Boleslaw Dawidowicz Fix For: 3.0.0-CR01 In class org.exoplatform.portal.webui.application.UIPortlet I can read the following code: UIPortalApplication uiPortalApp = getAncestorOfType(UIPortalApplication.class); UserProfile userProfile = service.getUserProfileHandler().findUserProfileByName(uiPortalApp.getOwner()); which seems to be problematic for several reasons: 1/ the uiPortalApp.getOwner() always return "classic", whatever the identity is (even anonymous) 2/ when the user is anonymous, there is a profile lookup although there should not since it looks for "classic" I have replaced this code with String user = prc.getRemoteUser(); UserProfile userProfile = null; if (user != null) { userProfile = service.getUserProfileHandler().findUserProfileByName(user); } that seems more correct. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira