In your custom valve, you may have set an attribute in an http session of the
portal application.
Now, you're trying to get the attribute in an http session of a portlet
application. Http sessions are not shared between web applications.
So, you can try this from your portlet code with Jetspeed API to get accesses
to the portal session attributes:
import org.apache.jetspeed.request.RequestContext;
RequestContext rc = (RequestContext)
portletRequest.getAttribute(RequestContext.REQUEST_PORTALENV);
Object attr = rc.getSessionAttribute("some-attribute-name");
Woonsan
--- On Wed, 3/2/11, anyz <[email protected]> wrote:
> From: anyz <[email protected]>
> Subject: Re: Storing Custom Object in Session on User Login
> To: "Jetspeed Users List" <[email protected]>
> Date: Wednesday, March 2, 2011, 2:59 PM
> I used to get session in valve as
> requestContext.getRequest().getSession()
> and then set attribute in session. However i am not able to
> get this
> attribute in portlet JSP page from HttpSession or
> PortletSession. This seems
> to be same problem as given in another thread at
> http://permalink.gmane.org/gmane.comp.jakarta.jetspeed.user/23626
>
> Probably if i could set the attribute in portletsession and
> with
> APPLICATION_SCOPE that may be available. But its not
> possibel to get portlet
> session in valve.
>
>
>
>
>
> On Wed, Mar 2, 2011 at 5:54 PM, anyz <[email protected]>
> wrote:
>
> > In custom security valve if i set an attribute in
> session. Later i 'm not
> > able to get this attribute in portlet JSP page. It is
> always
> > NULL. Application is deployed on Tomcat and already
> have set
> > crossContext="true". Does the session get overridden
> somewhere?
> >
> > Thanks
> >
> > On Wed, Mar 2, 2011 at 3:59 PM, anyz
> <[email protected]>
> wrote:
> >
> >> I think i got it...added the custom valve in
> default jetspeed pipeline
> >> that is in the following bean:
> >>
> >> <bean id="jetspeed-pipeline"......../>
> >>
> >> It is added after <ref
> bean="loginValidationValve" /> in constructor
> >> argument list. Now subject and everything is
> available.]
> >>
> >> Is this correct way to do things?
> >>
> >>
> >>
> >>
> >> On Wed, Mar 2, 2011 at 3:37 PM, anyz <[email protected]>
> wrote:
> >>
> >>> I added custom valve in "login-pipeline" bean
> defined in pipelines.xml
> >>> that is probably not right place to do.
> >>>
> >>>
> >>>
> >>> On Wed, Mar 2, 2011 at 3:10 PM, anyz <[email protected]>
> wrote:
> >>>
> >>>> I implemented my custom valve by extending
> AbstractSecurityValve. The
> >>>> documentation says this valve
> "Authenticates the user or redirects to Login
> >>>> if necessary, adds the authenticated
> Subject to the RequestContext."
> >>>> However in the invoke() method as i try to
> get subject from request
> >>>> context its always NULL.
> >>>>
> >>>> My understanding is this valve invokes
> login module to authenticate user
> >>>> and once authentication done it sets teh
> subject in request context. I have
> >>>> called the super.invoke(rc,vc) in my
> custom valve but subject is always
> >>>> NULL.
> >>>>
> >>>> Could you please guide what am i missing?
> >>>>
> >>>> Thanks
> >>>>
> >>>>
> >>>>
> >>>> On Wed, Mar 2, 2011 at 4:17 AM, Woonsan Ko
> <[email protected]>
> wrote:
> >>>>
> >>>>>
> >>>>> --- On Tue, 3/1/11, anyz <[email protected]>
> wrote:
> >>>>>
> >>>>> > From: anyz <[email protected]>
> >>>>> > Subject: Storing Custom Object in
> Session on User Login
> >>>>> > To: "Jetspeed Users List" <[email protected]>
> >>>>> > Date: Tuesday, March 1, 2011,
> 6:49 AM
> >>>>> > I need to set a custom class
> object
> >>>>> > into session once user logged
> into
> >>>>> > Jetspeed. This object will be
> accessed and used later by
> >>>>> > portlets. After
> >>>>> > searching into email list and
> forum i found two ways of
> >>>>> > intercepting J2
> >>>>> > login process:
> >>>>> >
> >>>>> > 1- Custom Login Module
> >>>>> > 2- Custom Security Valve and
> possibly Filter (not sure if
> >>>>> > Filter works in
> >>>>> > Jetspeed 2.2.1 or its for old
> version)
> >>>>> >
> >>>>> > I manged to plug my custom login
> module however i could not
> >>>>> > find a way to
> >>>>> > get session in login() method and
> set my custom class
> >>>>> > object into session.
> >>>>> > Is it possible to get HttpSession
> in custom login module?
> >>>>>
> >>>>> It is not possible to access
> HttpSession in a JAAS LoginModule.
> >>>>>
> >>>>> >
> >>>>> > If i have write security valve,
> do i also need some sort of
> >>>>> > Serverlt filter
> >>>>> > where i can set custom object
> into session.
> >>>>>
> >>>>> You don't need a servlet filter if you
> use a custom security valve.
> >>>>> Servlet filter such as
> PoralLoginFilter is enabled/used only for some
> >>>>> environment like WAS instead of
> Jetspeed JAAS LoginModule.
> >>>>>
> >>>>>
> >>>>> Woonsan
> >>>>>
> >>>>> >
> >>>>> >
> >>>>> > Thanks
> >>>>> >
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> ---------------------------------------------------------------------
> >>>>> To unsubscribe, e-mail: [email protected]
> >>>>> For additional commands, e-mail: [email protected]
> >>>>>
> >>>>>
> >>>>
> >>>
> >>
> >
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
