I added custom valve in "login-pipeline" bean defined in pipelines.xml that is probably not right place to do.
On Wed, Mar 2, 2011 at 3:10 PM, anyz <[email protected]> wrote: > I implemented my custom valve by extending AbstractSecurityValve. The > documentation says this valve "Authenticates the user or redirects to Login > if necessary, adds the authenticated Subject to the RequestContext." > However in the invoke() method as i try to get subject from request context > its always NULL. > > My understanding is this valve invokes login module to authenticate user > and once authentication done it sets teh subject in request context. I have > called the super.invoke(rc,vc) in my custom valve but subject is always > NULL. > > Could you please guide what am i missing? > > Thanks > > > > On Wed, Mar 2, 2011 at 4:17 AM, Woonsan Ko <[email protected]> wrote: > >> >> --- On Tue, 3/1/11, anyz <[email protected]> wrote: >> >> > From: anyz <[email protected]> >> > Subject: Storing Custom Object in Session on User Login >> > To: "Jetspeed Users List" <[email protected]> >> > Date: Tuesday, March 1, 2011, 6:49 AM >> > I need to set a custom class object >> > into session once user logged into >> > Jetspeed. This object will be accessed and used later by >> > portlets. After >> > searching into email list and forum i found two ways of >> > intercepting J2 >> > login process: >> > >> > 1- Custom Login Module >> > 2- Custom Security Valve and possibly Filter (not sure if >> > Filter works in >> > Jetspeed 2.2.1 or its for old version) >> > >> > I manged to plug my custom login module however i could not >> > find a way to >> > get session in login() method and set my custom class >> > object into session. >> > Is it possible to get HttpSession in custom login module? >> >> It is not possible to access HttpSession in a JAAS LoginModule. >> >> > >> > If i have write security valve, do i also need some sort of >> > Serverlt filter >> > where i can set custom object into session. >> >> You don't need a servlet filter if you use a custom security valve. >> Servlet filter such as PoralLoginFilter is enabled/used only for some >> environment like WAS instead of Jetspeed JAAS LoginModule. >> >> >> Woonsan >> >> > >> > >> > Thanks >> > >> >> >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [email protected] >> For additional commands, e-mail: [email protected] >> >> >
