How to Override getDfSession() method in WDK action handler class?

[ntsav2]

Hi,

I am customizing a WDK action component,And my handler class extends the WDK newgroup action class. I know that WDK uses the current session of the user in the handlerclass by calling getDfsession(), but i want to override this getDfsession and in order to use a superUser session.

The end user will not be given the privilege to perform the action, so the action has to be performed using superuser session.
How can I override the getDfsession instances in my extended handler class to use my Superuser session.

Thank you in advance.

[johnnygee_va]

"The end user will not be given the privilege to perform the action, so the action has to be performed using superuser session."

- The way I have done this in the past is to create a server method, configure it to "run as server", and then call the server method with apply() method from WDK component.

[ntsav2]

Thank you Johnny .
I needed little clarification on this. I created a util class which contains my new getDfSession method that returns superuser session.
And now I created a new dm_method object for my util class.
But I did not understand how to apply my dm_method to WDK component?Can you please guide me how to do so?

I have created "getDfSession" method in my util class so after applying my method to my component will all the instances of wdk getDfSession are picked up from my util class?

[johnnygee_va]

IDfSession.apply() - executes server method

[ntsav2]

Jhonny now I understand that....this server method is invoked from my wdk class using Idfsession.apply().
But my requirement is different here.My WDK class is extending Groupattributes.class and I want all the methods of my new class and Groupattributes class to be performed using superuser privileges.
I mean whenever the Groupattributes.class/custom class calls getDfSession in any of its methos that instance should be of SUPERUSER session.

Can I override the getDfSession method in my Handler class. Will that solve my problem?

[johnnygee_va]

What are you trying to do Group class? If you want to give a normal user the ability to manage groups, just define Admin Access in DA and grant that user/group access to the user management node.

[ntsav2]

Johnny,
Thank you for the reply.I understand that group management is possibly by appropriate privileges.
But as per my requirement the end users are not given group management privileges and they should not see Groups node.
So we have to create a custom node extending groups node which displays only certain groups essential for the end users.
In this custom node they have to create groups (During the group creation the custom default values are assigned to the group object including group_owner).
So In the menubar component we created a new_action_menu_item that creates new groups(as mentioned above). So this create group must be performed by only SUPER USER and we have the specific purpose for that like auditing. (the user performing the action will not have create group privileges, they can only see the menu item and click on it) .
I hope you had better understanding this time :)

So in my handlerclass which extends GroupAttributes I have overwritten the getDfSession method to get the super user session instead of the current user performing the WDK action. So I wonder if this will create any problem?
Please help.
Thank you in advance.

[johnnygee_va]

The problem is that you cant get superuser session from a normal user session. You basically have to establish a new session using super user name and password. This normally means you have to save this info in a properties file or some other place that you can change. Controlling access to the file is usually a big security risk.

If you write server method, you dont need to provide user name and password.

[ntsav2]

Thank you Johnny for making me aware of the risk.
But we had a standard implementation for getting a sessionmanger for superuser from a utilclass. So I just used an instance of this to get the session from which I could achieve what I wanted.
Thank you for all the replies.