I think i got it...added the custom valve in default jetspeed pipeline that is in the following bean:
<bean id="jetspeed-pipeline"......../> It is added after <ref bean="loginValidationValve" /> in constructor argument list. Now subject and everything is available.] Is this correct way to do things? On Wed, Mar 2, 2011 at 3:37 PM, anyz <[email protected]> wrote: > I added custom valve in "login-pipeline" bean defined in pipelines.xml that > is probably not right place to do. > > > > On Wed, Mar 2, 2011 at 3:10 PM, anyz <[email protected]> wrote: > >> I implemented my custom valve by extending AbstractSecurityValve. The >> documentation says this valve "Authenticates the user or redirects to Login >> if necessary, adds the authenticated Subject to the RequestContext." >> However in the invoke() method as i try to get subject from request >> context its always NULL. >> >> My understanding is this valve invokes login module to authenticate user >> and once authentication done it sets teh subject in request context. I have >> called the super.invoke(rc,vc) in my custom valve but subject is always >> NULL. >> >> Could you please guide what am i missing? >> >> Thanks >> >> >> >> On Wed, Mar 2, 2011 at 4:17 AM, Woonsan Ko <[email protected]> wrote: >> >>> >>> --- On Tue, 3/1/11, anyz <[email protected]> wrote: >>> >>> > From: anyz <[email protected]> >>> > Subject: Storing Custom Object in Session on User Login >>> > To: "Jetspeed Users List" <[email protected]> >>> > Date: Tuesday, March 1, 2011, 6:49 AM >>> > I need to set a custom class object >>> > into session once user logged into >>> > Jetspeed. This object will be accessed and used later by >>> > portlets. After >>> > searching into email list and forum i found two ways of >>> > intercepting J2 >>> > login process: >>> > >>> > 1- Custom Login Module >>> > 2- Custom Security Valve and possibly Filter (not sure if >>> > Filter works in >>> > Jetspeed 2.2.1 or its for old version) >>> > >>> > I manged to plug my custom login module however i could not >>> > find a way to >>> > get session in login() method and set my custom class >>> > object into session. >>> > Is it possible to get HttpSession in custom login module? >>> >>> It is not possible to access HttpSession in a JAAS LoginModule. >>> >>> > >>> > If i have write security valve, do i also need some sort of >>> > Serverlt filter >>> > where i can set custom object into session. >>> >>> You don't need a servlet filter if you use a custom security valve. >>> Servlet filter such as PoralLoginFilter is enabled/used only for some >>> environment like WAS instead of Jetspeed JAAS LoginModule. >>> >>> >>> Woonsan >>> >>> > >>> > >>> > Thanks >>> > >>> >>> >>> >>> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: [email protected] >>> For additional commands, e-mail: [email protected] >>> >>> >> >
