I asked something similar in the users
list some time ago but got no response, so you’re my last chance ;) As usual we’re storing information
in the AuthenticationContext. So far this information has been
written on disk with every request processed by the server. Due to several reasons we’ve decided to just write it
to a file everytime the user logs out OR the session times out. Thus it is not
sufficient to add the method to the logout matcher, because the data will be
lost if the user just closes is browser. I decided to use an HTTPSessionListener which I added to
Cocoon’s web.xml. This works fine so far, but it only allows me to
retrieve the user’s HTTPSession in the method sessionDestroyed(HttpSessionEvent
event). From there I can get the the ServletContext, but I see no way to access
the AuthenticationContext? Is it accessable at all? I tought one of these
should work, but both are null.
AuthenticationContext authContext = (AuthenticationContext)session.getServletContext().getContext("authentication");
AuthenticationContext authContext2 =
(AuthenticationContext)session.getServletContext().getContext(AuthenticationConstants.SESSION_CONTEXT_NAME) Cheers, Stefan |
- AuthenticationContextListener? Stefan Pietschmann
- Re: AuthenticationContextListener? Ralph Goers