Thank you woonsan, it worked like a charm.
On Thu, Mar 3, 2011 at 4:36 AM, Woonsan Ko <[email protected]> wrote:
> In your custom valve, you may have set an attribute in an http session of
> the portal application.
> Now, you're trying to get the attribute in an http session of a portlet
> application. Http sessions are not shared between web applications.
> So, you can try this from your portlet code with Jetspeed API to get
> accesses to the portal session attributes:
>
> import org.apache.jetspeed.request.RequestContext;
>
> RequestContext rc = (RequestContext)
> portletRequest.getAttribute(RequestContext.REQUEST_PORTALENV);
> Object attr = rc.getSessionAttribute("some-attribute-name");
>
>
> Woonsan
>
> --- On Wed, 3/2/11, anyz <[email protected]> wrote:
>
> > From: anyz <[email protected]>
> > Subject: Re: Storing Custom Object in Session on User Login
> > To: "Jetspeed Users List" <[email protected]>
> > Date: Wednesday, March 2, 2011, 2:59 PM
> > I used to get session in valve as
> > requestContext.getRequest().getSession()
> > and then set attribute in session. However i am not able to
> > get this
> > attribute in portlet JSP page from HttpSession or
> > PortletSession. This seems
> > to be same problem as given in another thread at
> > http://permalink.gmane.org/gmane.comp.jakarta.jetspeed.user/23626
> >
> > Probably if i could set the attribute in portletsession and
> > with
> > APPLICATION_SCOPE that may be available. But its not
> > possibel to get portlet
> > session in valve.
> >
> >
> >
> >
> >
> > On Wed, Mar 2, 2011 at 5:54 PM, anyz <[email protected]>
> > wrote:
> >
> > > In custom security valve if i set an attribute in
> > session. Later i 'm not
> > > able to get this attribute in portlet JSP page. It is
> > always
> > > NULL. Application is deployed on Tomcat and already
> > have set
> > > crossContext="true". Does the session get overridden
> > somewhere?
> > >
> > > Thanks
> > >
> > > On Wed, Mar 2, 2011 at 3:59 PM, anyz
> > <[email protected]>
> > wrote:
> > >
> > >> I think i got it...added the custom valve in
> > default jetspeed pipeline
> > >> that is in the following bean:
> > >>
> > >> <bean id="jetspeed-pipeline"......../>
> > >>
> > >> It is added after <ref
> > bean="loginValidationValve" /> in constructor
> > >> argument list. Now subject and everything is
> > available.]
> > >>
> > >> Is this correct way to do things?
> > >>
> > >>
> > >>
> > >>
> > >> On Wed, Mar 2, 2011 at 3:37 PM, anyz <[email protected]>
> > wrote:
> > >>
> > >>> I added custom valve in "login-pipeline" bean
> > defined in pipelines.xml
> > >>> that is probably not right place to do.
> > >>>
> > >>>
> > >>>
> > >>> On Wed, Mar 2, 2011 at 3:10 PM, anyz <[email protected]>
> > wrote:
> > >>>
> > >>>> I implemented my custom valve by extending
> > AbstractSecurityValve. The
> > >>>> documentation says this valve
> > "Authenticates the user or redirects to Login
> > >>>> if necessary, adds the authenticated
> > Subject to the RequestContext."
> > >>>> However in the invoke() method as i try to
> > get subject from request
> > >>>> context its always NULL.
> > >>>>
> > >>>> My understanding is this valve invokes
> > login module to authenticate user
> > >>>> and once authentication done it sets teh
> > subject in request context. I have
> > >>>> called the super.invoke(rc,vc) in my
> > custom valve but subject is always
> > >>>> NULL.
> > >>>>
> > >>>> Could you please guide what am i missing?
> > >>>>
> > >>>> Thanks
> > >>>>
> > >>>>
> > >>>>
> > >>>> On Wed, Mar 2, 2011 at 4:17 AM, Woonsan Ko
> > <[email protected]>
> > wrote:
> > >>>>
> > >>>>>
> > >>>>> --- On Tue, 3/1/11, anyz <[email protected]>
> > wrote:
> > >>>>>
> > >>>>> > From: anyz <[email protected]>
> > >>>>> > Subject: Storing Custom Object in
> > Session on User Login
> > >>>>> > To: "Jetspeed Users List" <[email protected]>
> > >>>>> > Date: Tuesday, March 1, 2011,
> > 6:49 AM
> > >>>>> > I need to set a custom class
> > object
> > >>>>> > into session once user logged
> > into
> > >>>>> > Jetspeed. This object will be
> > accessed and used later by
> > >>>>> > portlets. After
> > >>>>> > searching into email list and
> > forum i found two ways of
> > >>>>> > intercepting J2
> > >>>>> > login process:
> > >>>>> >
> > >>>>> > 1- Custom Login Module
> > >>>>> > 2- Custom Security Valve and
> > possibly Filter (not sure if
> > >>>>> > Filter works in
> > >>>>> > Jetspeed 2.2.1 or its for old
> > version)
> > >>>>> >
> > >>>>> > I manged to plug my custom login
> > module however i could not
> > >>>>> > find a way to
> > >>>>> > get session in login() method and
> > set my custom class
> > >>>>> > object into session.
> > >>>>> > Is it possible to get HttpSession
> > in custom login module?
> > >>>>>
> > >>>>> It is not possible to access
> > HttpSession in a JAAS LoginModule.
> > >>>>>
> > >>>>> >
> > >>>>> > If i have write security valve,
> > do i also need some sort of
> > >>>>> > Serverlt filter
> > >>>>> > where i can set custom object
> > into session.
> > >>>>>
> > >>>>> You don't need a servlet filter if you
> > use a custom security valve.
> > >>>>> Servlet filter such as
> > PoralLoginFilter is enabled/used only for some
> > >>>>> environment like WAS instead of
> > Jetspeed JAAS LoginModule.
> > >>>>>
> > >>>>>
> > >>>>> Woonsan
> > >>>>>
> > >>>>> >
> > >>>>> >
> > >>>>> > Thanks
> > >>>>> >
> > >>>>>
> > >>>>>
> > >>>>>
> > >>>>>
> > >>>>>
> > ---------------------------------------------------------------------
> > >>>>> To unsubscribe, e-mail:
> [email protected]
> > >>>>> For additional commands, e-mail:
> [email protected]
> > >>>>>
> > >>>>>
> > >>>>
> > >>>
> > >>
> > >
> >
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [email protected]
> For additional commands, e-mail: [email protected]
>
>
