Thats right. Woonsan thank you very much for your time and effort. It helped me a lot to come out of this hard situation.
Thanks On Thu, Mar 3, 2011 at 11:46 PM, Woonsan Ko <[email protected]> wrote: > As you already know, Jetspeed uses shared interfaces/classes if anything > should be shared among applications. For this reason, jetspeed-api and > jetspeed-commons jar files are deployed into the shared class path (e.g. > $CATALINA_HOME/lib) > > Woonsan > > > --- On Thu, 3/3/11, anyz <[email protected]> wrote: > > > From: anyz <[email protected]> > > Subject: Re: Storing Custom Object in Session on User Login > > To: "Jetspeed Users List" <[email protected]> > > Date: Thursday, March 3, 2011, 11:35 AM > > Since the authenticated Subject that > > was set in session by Portal > > Application (jetspeed.war) is availabel in all portlet > > applications. How did > > it work and can't i make my custom calass behave > > similarly. > > > > Thanks > > > > On Thu, Mar 3, 2011 at 3:21 PM, anyz <[email protected]> > > wrote: > > > > > Now portlet development contain lots of > > challenges...As i stated actually i > > > want to set a custom class (say MySessionClass) into > > session. With security > > > valve i have to have that class in jar file that > > contains custom security > > > valve and placed in portal application jetspeed. > > > > > > While getting this attribute from my portlet > > application i have that > > > MySessionClass in portlet application classpath. Now > > casting the session > > > attribute to this causes ClassCastException becuase > > two classes are loaded > > > by JVM from differnt locations. > > > > > > One possible way could be to place the MySessionClass > > in soem common lib or > > > application server (Tomcat) where both portal and > > portlet application can > > > access it. But i wonder how people achieve this > > behaviour...ins'nt there > > > some more simple way. > > > > > > On Thu, Mar 3, 2011 at 12:12 PM, anyz > > <[email protected]> > > wrote: > > > > > >> Thank you woonsan, it worked like a charm. > > >> > > >> > > >> On Thu, Mar 3, 2011 at 4:36 AM, Woonsan Ko <[email protected]> > > wrote: > > >> > > >>> In your custom valve, you may have set an > > attribute in an http session of > > >>> the portal application. > > >>> Now, you're trying to get the attribute in an > > http session of a portlet > > >>> application. Http sessions are not shared > > between web applications. > > >>> So, you can try this from your portlet code > > with Jetspeed API to get > > >>> accesses to the portal session attributes: > > >>> > > >>> import > > org.apache.jetspeed.request.RequestContext; > > >>> > > >>> RequestContext rc = (RequestContext) > > >>> > > portletRequest.getAttribute(RequestContext.REQUEST_PORTALENV); > > >>> Object attr = > > rc.getSessionAttribute("some-attribute-name"); > > >>> > > >>> > > >>> Woonsan > > >>> > > >>> --- On Wed, 3/2/11, anyz <[email protected]> > > wrote: > > >>> > > >>> > From: anyz <[email protected]> > > >>> > Subject: Re: Storing Custom Object in > > Session on User Login > > >>> > To: "Jetspeed Users List" <[email protected]> > > >>> > Date: Wednesday, March 2, 2011, 2:59 PM > > >>> > I used to get session in valve as > > >>> > requestContext.getRequest().getSession() > > >>> > and then set attribute in session. > > However i am not able to > > >>> > get this > > >>> > attribute in portlet JSP page from > > HttpSession or > > >>> > PortletSession. This seems > > >>> > to be same problem as given in another > > thread at > > >>> > http://permalink.gmane.org/gmane.comp.jakarta.jetspeed.user/23626 > > >>> > > > >>> > Probably if i could set the attribute in > > portletsession and > > >>> > with > > >>> > APPLICATION_SCOPE that may be available. > > But its not > > >>> > possibel to get portlet > > >>> > session in valve. > > >>> > > > >>> > > > >>> > > > >>> > > > >>> > > > >>> > On Wed, Mar 2, 2011 at 5:54 PM, anyz > > <[email protected]> > > >>> > wrote: > > >>> > > > >>> > > In custom security valve if i set an > > attribute in > > >>> > session. Later i 'm not > > >>> > > able to get this attribute in > > portlet JSP page. It is > > >>> > always > > >>> > > NULL. Application is deployed on > > Tomcat and already > > >>> > have set > > >>> > > crossContext="true". Does the > > session get overridden > > >>> > somewhere? > > >>> > > > > >>> > > Thanks > > >>> > > > > >>> > > On Wed, Mar 2, 2011 > > at 3:59 PM, anyz > > >>> > <[email protected]> > > >>> > wrote: > > >>> > > > > >>> > >> I think i got it...added the > > custom valve in > > >>> > default jetspeed pipeline > > >>> > >> that is in the following bean: > > >>> > >> > > >>> > >> <bean > > id="jetspeed-pipeline"......../> > > >>> > >> > > >>> > >> It is added after <ref > > >>> > bean="loginValidationValve" /> in > > constructor > > >>> > >> argument list. Now subject and > > everything is > > >>> > available.] > > >>> > >> > > >>> > >> Is this correct way to do > > things? > > >>> > >> > > >>> > >> > > >>> > >> > > >>> > >> > > >>> > >> On Wed, Mar 2, 2011 at 3:37 PM, > > anyz <[email protected]> > > >>> > wrote: > > >>> > >> > > >>> > >>> I added custom valve in > > "login-pipeline" bean > > >>> > defined in pipelines.xml > > >>> > >>> that is probably not right > > place to do. > > >>> > >>> > > >>> > >>> > > >>> > >>> > > >>> > >>> On Wed, Mar 2, 2011 at 3:10 > > PM, anyz <[email protected]> > > >>> > wrote: > > >>> > >>> > > >>> > >>>> I implemented my custom > > valve by extending > > >>> > AbstractSecurityValve. The > > >>> > >>>> documentation says this > > valve > > >>> > "Authenticates the user or redirects to > > Login > > >>> > >>>> if necessary, adds the > > authenticated > > >>> > Subject to the RequestContext." > > >>> > >>>> However in the invoke() > > method as i try to > > >>> > get subject from request > > >>> > >>>> context its always > > NULL. > > >>> > >>>> > > >>> > >>>> My understanding is this > > valve invokes > > >>> > login module to authenticate user > > >>> > >>>> and once authentication > > done it sets teh > > >>> > subject in request context. I have > > >>> > >>>> called the > > super.invoke(rc,vc) in my > > >>> > custom valve but subject is always > > >>> > >>>> NULL. > > >>> > >>>> > > >>> > >>>> Could you please guide > > what am i missing? > > >>> > >>>> > > >>> > >>>> Thanks > > >>> > >>>> > > >>> > >>>> > > >>> > >>>> > > >>> > >>>> On Wed, Mar 2, 2011 at > > 4:17 AM, Woonsan Ko > > >>> > <[email protected]> > > >>> > wrote: > > >>> > >>>> > > >>> > >>>>> > > >>> > >>>>> --- On Tue, 3/1/11, > > anyz <[email protected]> > > >>> > wrote: > > >>> > >>>>> > > >>> > >>>>> > From: anyz > > <[email protected]> > > >>> > >>>>> > Subject: > > Storing Custom Object in > > >>> > Session on User Login > > >>> > >>>>> > To: "Jetspeed > > Users List" <[email protected]> > > >>> > >>>>> > Date: Tuesday, > > March 1, 2011, > > >>> > 6:49 AM > > >>> > >>>>> > I need to set a > > custom class > > >>> > object > > >>> > >>>>> > into session > > once user logged > > >>> > into > > >>> > >>>>> > Jetspeed. This > > object will be > > >>> > accessed and used later by > > >>> > >>>>> > portlets. > > After > > >>> > >>>>> > searching into > > email list and > > >>> > forum i found two ways of > > >>> > >>>>> > intercepting > > J2 > > >>> > >>>>> > login process: > > >>> > >>>>> > > > >>> > >>>>> > 1- Custom Login > > Module > > >>> > >>>>> > 2- Custom > > Security Valve and > > >>> > possibly Filter (not sure if > > >>> > >>>>> > Filter works > > in > > >>> > >>>>> > Jetspeed 2.2.1 > > or its for old > > >>> > version) > > >>> > >>>>> > > > >>> > >>>>> > I manged to > > plug my custom login > > >>> > module however i could not > > >>> > >>>>> > find a way to > > >>> > >>>>> > get session in > > login() method and > > >>> > set my custom class > > >>> > >>>>> > object into > > session. > > >>> > >>>>> > Is it possible > > to get HttpSession > > >>> > in custom login module? > > >>> > >>>>> > > >>> > >>>>> It is not possible > > to access > > >>> > HttpSession in a JAAS LoginModule. > > >>> > >>>>> > > >>> > >>>>> > > > >>> > >>>>> > If i have write > > security valve, > > >>> > do i also need some sort of > > >>> > >>>>> > Serverlt > > filter > > >>> > >>>>> > where i can set > > custom object > > >>> > into session. > > >>> > >>>>> > > >>> > >>>>> You don't need a > > servlet filter if you > > >>> > use a custom security valve. > > >>> > >>>>> Servlet filter such > > as > > >>> > PoralLoginFilter is enabled/used only for > > some > > >>> > >>>>> environment like WAS > > instead of > > >>> > Jetspeed JAAS LoginModule. > > >>> > >>>>> > > >>> > >>>>> > > >>> > >>>>> Woonsan > > >>> > >>>>> > > >>> > >>>>> > > > >>> > >>>>> > > > >>> > >>>>> > Thanks > > >>> > >>>>> > > > >>> > >>>>> > > >>> > >>>>> > > >>> > >>>>> > > >>> > >>>>> > > >>> > >>>>> > > >>> > > > --------------------------------------------------------------------- > > >>> > >>>>> To unsubscribe, > > e-mail: > > >>> [email protected] > > >>> > >>>>> For additional > > commands, e-mail: > > >>> [email protected] > > >>> > >>>>> > > >>> > >>>>> > > >>> > >>>> > > >>> > >>> > > >>> > >> > > >>> > > > > >>> > > > >>> > > >>> > > >>> > > >>> > > >>> > > --------------------------------------------------------------------- > > >>> To unsubscribe, e-mail: [email protected] > > >>> For additional commands, e-mail: > [email protected] > > >>> > > >>> > > >> > > > > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > >
