As you already know, Jetspeed uses shared interfaces/classes if anything should be shared among applications. For this reason, jetspeed-api and jetspeed-commons jar files are deployed into the shared class path (e.g. $CATALINA_HOME/lib)
Woonsan --- On Thu, 3/3/11, anyz <[email protected]> wrote: > From: anyz <[email protected]> > Subject: Re: Storing Custom Object in Session on User Login > To: "Jetspeed Users List" <[email protected]> > Date: Thursday, March 3, 2011, 11:35 AM > Since the authenticated Subject that > was set in session by Portal > Application (jetspeed.war) is availabel in all portlet > applications. How did > it work and can't i make my custom calass behave > similarly. > > Thanks > > On Thu, Mar 3, 2011 at 3:21 PM, anyz <[email protected]> > wrote: > > > Now portlet development contain lots of > challenges...As i stated actually i > > want to set a custom class (say MySessionClass) into > session. With security > > valve i have to have that class in jar file that > contains custom security > > valve and placed in portal application jetspeed. > > > > While getting this attribute from my portlet > application i have that > > MySessionClass in portlet application classpath. Now > casting the session > > attribute to this causes ClassCastException becuase > two classes are loaded > > by JVM from differnt locations. > > > > One possible way could be to place the MySessionClass > in soem common lib or > > application server (Tomcat) where both portal and > portlet application can > > access it. But i wonder how people achieve this > behaviour...ins'nt there > > some more simple way. > > > > On Thu, Mar 3, 2011 at 12:12 PM, anyz > <[email protected]> > wrote: > > > >> Thank you woonsan, it worked like a charm. > >> > >> > >> On Thu, Mar 3, 2011 at 4:36 AM, Woonsan Ko <[email protected]> > wrote: > >> > >>> In your custom valve, you may have set an > attribute in an http session of > >>> the portal application. > >>> Now, you're trying to get the attribute in an > http session of a portlet > >>> application. Http sessions are not shared > between web applications. > >>> So, you can try this from your portlet code > with Jetspeed API to get > >>> accesses to the portal session attributes: > >>> > >>> import > org.apache.jetspeed.request.RequestContext; > >>> > >>> RequestContext rc = (RequestContext) > >>> > portletRequest.getAttribute(RequestContext.REQUEST_PORTALENV); > >>> Object attr = > rc.getSessionAttribute("some-attribute-name"); > >>> > >>> > >>> Woonsan > >>> > >>> --- On Wed, 3/2/11, anyz <[email protected]> > wrote: > >>> > >>> > From: anyz <[email protected]> > >>> > Subject: Re: Storing Custom Object in > Session on User Login > >>> > To: "Jetspeed Users List" <[email protected]> > >>> > Date: Wednesday, March 2, 2011, 2:59 PM > >>> > I used to get session in valve as > >>> > requestContext.getRequest().getSession() > >>> > and then set attribute in session. > However i am not able to > >>> > get this > >>> > attribute in portlet JSP page from > HttpSession or > >>> > PortletSession. This seems > >>> > to be same problem as given in another > thread at > >>> > http://permalink.gmane.org/gmane.comp.jakarta.jetspeed.user/23626 > >>> > > >>> > Probably if i could set the attribute in > portletsession and > >>> > with > >>> > APPLICATION_SCOPE that may be available. > But its not > >>> > possibel to get portlet > >>> > session in valve. > >>> > > >>> > > >>> > > >>> > > >>> > > >>> > On Wed, Mar 2, 2011 at 5:54 PM, anyz > <[email protected]> > >>> > wrote: > >>> > > >>> > > In custom security valve if i set an > attribute in > >>> > session. Later i 'm not > >>> > > able to get this attribute in > portlet JSP page. It is > >>> > always > >>> > > NULL. Application is deployed on > Tomcat and already > >>> > have set > >>> > > crossContext="true". Does the > session get overridden > >>> > somewhere? > >>> > > > >>> > > Thanks > >>> > > > >>> > > On Wed, Mar 2, 2011 > at 3:59 PM, anyz > >>> > <[email protected]> > >>> > wrote: > >>> > > > >>> > >> I think i got it...added the > custom valve in > >>> > default jetspeed pipeline > >>> > >> that is in the following bean: > >>> > >> > >>> > >> <bean > id="jetspeed-pipeline"......../> > >>> > >> > >>> > >> It is added after <ref > >>> > bean="loginValidationValve" /> in > constructor > >>> > >> argument list. Now subject and > everything is > >>> > available.] > >>> > >> > >>> > >> Is this correct way to do > things? > >>> > >> > >>> > >> > >>> > >> > >>> > >> > >>> > >> On Wed, Mar 2, 2011 at 3:37 PM, > anyz <[email protected]> > >>> > wrote: > >>> > >> > >>> > >>> I added custom valve in > "login-pipeline" bean > >>> > defined in pipelines.xml > >>> > >>> that is probably not right > place to do. > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> On Wed, Mar 2, 2011 at 3:10 > PM, anyz <[email protected]> > >>> > wrote: > >>> > >>> > >>> > >>>> I implemented my custom > valve by extending > >>> > AbstractSecurityValve. The > >>> > >>>> documentation says this > valve > >>> > "Authenticates the user or redirects to > Login > >>> > >>>> if necessary, adds the > authenticated > >>> > Subject to the RequestContext." > >>> > >>>> However in the invoke() > method as i try to > >>> > get subject from request > >>> > >>>> context its always > NULL. > >>> > >>>> > >>> > >>>> My understanding is this > valve invokes > >>> > login module to authenticate user > >>> > >>>> and once authentication > done it sets teh > >>> > subject in request context. I have > >>> > >>>> called the > super.invoke(rc,vc) in my > >>> > custom valve but subject is always > >>> > >>>> NULL. > >>> > >>>> > >>> > >>>> Could you please guide > what am i missing? > >>> > >>>> > >>> > >>>> Thanks > >>> > >>>> > >>> > >>>> > >>> > >>>> > >>> > >>>> On Wed, Mar 2, 2011 at > 4:17 AM, Woonsan Ko > >>> > <[email protected]> > >>> > wrote: > >>> > >>>> > >>> > >>>>> > >>> > >>>>> --- On Tue, 3/1/11, > anyz <[email protected]> > >>> > wrote: > >>> > >>>>> > >>> > >>>>> > From: anyz > <[email protected]> > >>> > >>>>> > Subject: > Storing Custom Object in > >>> > Session on User Login > >>> > >>>>> > To: "Jetspeed > Users List" <[email protected]> > >>> > >>>>> > Date: Tuesday, > March 1, 2011, > >>> > 6:49 AM > >>> > >>>>> > I need to set a > custom class > >>> > object > >>> > >>>>> > into session > once user logged > >>> > into > >>> > >>>>> > Jetspeed. This > object will be > >>> > accessed and used later by > >>> > >>>>> > portlets. > After > >>> > >>>>> > searching into > email list and > >>> > forum i found two ways of > >>> > >>>>> > intercepting > J2 > >>> > >>>>> > login process: > >>> > >>>>> > > >>> > >>>>> > 1- Custom Login > Module > >>> > >>>>> > 2- Custom > Security Valve and > >>> > possibly Filter (not sure if > >>> > >>>>> > Filter works > in > >>> > >>>>> > Jetspeed 2.2.1 > or its for old > >>> > version) > >>> > >>>>> > > >>> > >>>>> > I manged to > plug my custom login > >>> > module however i could not > >>> > >>>>> > find a way to > >>> > >>>>> > get session in > login() method and > >>> > set my custom class > >>> > >>>>> > object into > session. > >>> > >>>>> > Is it possible > to get HttpSession > >>> > in custom login module? > >>> > >>>>> > >>> > >>>>> It is not possible > to access > >>> > HttpSession in a JAAS LoginModule. > >>> > >>>>> > >>> > >>>>> > > >>> > >>>>> > If i have write > security valve, > >>> > do i also need some sort of > >>> > >>>>> > Serverlt > filter > >>> > >>>>> > where i can set > custom object > >>> > into session. > >>> > >>>>> > >>> > >>>>> You don't need a > servlet filter if you > >>> > use a custom security valve. > >>> > >>>>> Servlet filter such > as > >>> > PoralLoginFilter is enabled/used only for > some > >>> > >>>>> environment like WAS > instead of > >>> > Jetspeed JAAS LoginModule. > >>> > >>>>> > >>> > >>>>> > >>> > >>>>> Woonsan > >>> > >>>>> > >>> > >>>>> > > >>> > >>>>> > > >>> > >>>>> > Thanks > >>> > >>>>> > > >>> > >>>>> > >>> > >>>>> > >>> > >>>>> > >>> > >>>>> > >>> > >>>>> > >>> > > --------------------------------------------------------------------- > >>> > >>>>> To unsubscribe, > e-mail: > >>> [email protected] > >>> > >>>>> For additional > commands, e-mail: > >>> [email protected] > >>> > >>>>> > >>> > >>>>> > >>> > >>>> > >>> > >>> > >>> > >> > >>> > > > >>> > > >>> > >>> > >>> > >>> > >>> > --------------------------------------------------------------------- > >>> To unsubscribe, e-mail: [email protected] > >>> For additional commands, e-mail: [email protected] > >>> > >>> > >> > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
