This week's book giveaway is in the OCAJP 8 forum. We're giving away four copies of OCA Java SE 8 Programmer I Study Guide and have Edward Finegan & Robert Liguori on-line! See this thread for details.
I am looking to unit test my Struts actions (currently using the Struts JUnit plugin (and my test classes extend StrutsTestCase). At the moment, my actions have nasty static calls to the get the Principal, such as:
My actions implement various interfaces such as SessionAware to make my unit-testing life easier. However, does implementing the PrincipalAware interface compromise security? For example, by implementing the PrincipalAware interface, I have to implement a setter for the PrincipalProxy. Is there not a risk that a user could alter security and set this themselves?