It could be some thing like a session listner in portlet application. We can capture event in this listener, when session is created (i.e. first request to any of portlet in portlet application). However at this point we do not have access to Portal session.
On Thu, Mar 10, 2011 at 4:02 PM, anyz <[email protected]> wrote: > Woonsan, > > I have successfully get the session object in Portlet applicaton that was > set by Portal application in custom security valve. There is one more step > left in process. Actually portlet application has a session-scoped spring > bean. The values from session object (set by portal app) should be extracted > and set into spring bean.This spring bean is then accessible to other > classes through dependency injection performed by Spring. > > What could be point where i can set the values in portlet application > session-scoped spring bean. For example writing listner kind of thing. Is > jet speed providing some thing...a entry point to Portlet application? > > Thanks > > > On Fri, Mar 4, 2011 at 11:14 AM, anyz <[email protected]> wrote: > >> Thats right. Woonsan thank you very much for your time and effort. It >> helped me a lot to come out of this hard situation. >> >> Thanks >> >> >> On Thu, Mar 3, 2011 at 11:46 PM, Woonsan Ko <[email protected]> wrote: >> >>> As you already know, Jetspeed uses shared interfaces/classes if anything >>> should be shared among applications. For this reason, jetspeed-api and >>> jetspeed-commons jar files are deployed into the shared class path (e.g. >>> $CATALINA_HOME/lib) >>> >>> Woonsan >>> >>> >>> --- On Thu, 3/3/11, anyz <[email protected]> wrote: >>> >>> > From: anyz <[email protected]> >>> > Subject: Re: Storing Custom Object in Session on User Login >>> > To: "Jetspeed Users List" <[email protected]> >>> > Date: Thursday, March 3, 2011, 11:35 AM >>> > Since the authenticated Subject that >>> > was set in session by Portal >>> > Application (jetspeed.war) is availabel in all portlet >>> > applications. How did >>> > it work and can't i make my custom calass behave >>> > similarly. >>> > >>> > Thanks >>> > >>> > On Thu, Mar 3, 2011 at 3:21 PM, anyz <[email protected]> >>> > wrote: >>> > >>> > > Now portlet development contain lots of >>> > challenges...As i stated actually i >>> > > want to set a custom class (say MySessionClass) into >>> > session. With security >>> > > valve i have to have that class in jar file that >>> > contains custom security >>> > > valve and placed in portal application jetspeed. >>> > > >>> > > While getting this attribute from my portlet >>> > application i have that >>> > > MySessionClass in portlet application classpath. Now >>> > casting the session >>> > > attribute to this causes ClassCastException becuase >>> > two classes are loaded >>> > > by JVM from differnt locations. >>> > > >>> > > One possible way could be to place the MySessionClass >>> > in soem common lib or >>> > > application server (Tomcat) where both portal and >>> > portlet application can >>> > > access it. But i wonder how people achieve this >>> > behaviour...ins'nt there >>> > > some more simple way. >>> > > >>> > > On Thu, Mar 3, 2011 at 12:12 PM, anyz >>> > <[email protected]> >>> > wrote: >>> > > >>> > >> Thank you woonsan, it worked like a charm. >>> > >> >>> > >> >>> > >> On Thu, Mar 3, 2011 at 4:36 AM, Woonsan Ko <[email protected]> >>> > wrote: >>> > >> >>> > >>> In your custom valve, you may have set an >>> > attribute in an http session of >>> > >>> the portal application. >>> > >>> Now, you're trying to get the attribute in an >>> > http session of a portlet >>> > >>> application. Http sessions are not shared >>> > between web applications. >>> > >>> So, you can try this from your portlet code >>> > with Jetspeed API to get >>> > >>> accesses to the portal session attributes: >>> > >>> >>> > >>> import >>> > org.apache.jetspeed.request.RequestContext; >>> > >>> >>> > >>> RequestContext rc = (RequestContext) >>> > >>> >>> > portletRequest.getAttribute(RequestContext.REQUEST_PORTALENV); >>> > >>> Object attr = >>> > rc.getSessionAttribute("some-attribute-name"); >>> > >>> >>> > >>> >>> > >>> Woonsan >>> > >>> >>> > >>> --- On Wed, 3/2/11, anyz <[email protected]> >>> > wrote: >>> > >>> >>> > >>> > From: anyz <[email protected]> >>> > >>> > Subject: Re: Storing Custom Object in >>> > Session on User Login >>> > >>> > To: "Jetspeed Users List" <[email protected]> >>> > >>> > Date: Wednesday, March 2, 2011, 2:59 PM >>> > >>> > I used to get session in valve as >>> > >>> > requestContext.getRequest().getSession() >>> > >>> > and then set attribute in session. >>> > However i am not able to >>> > >>> > get this >>> > >>> > attribute in portlet JSP page from >>> > HttpSession or >>> > >>> > PortletSession. This seems >>> > >>> > to be same problem as given in another >>> > thread at >>> > >>> > >>> http://permalink.gmane.org/gmane.comp.jakarta.jetspeed.user/23626 >>> > >>> > >>> > >>> > Probably if i could set the attribute in >>> > portletsession and >>> > >>> > with >>> > >>> > APPLICATION_SCOPE that may be available. >>> > But its not >>> > >>> > possibel to get portlet >>> > >>> > session in valve. >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > On Wed, Mar 2, 2011 at 5:54 PM, anyz >>> > <[email protected]> >>> > >>> > wrote: >>> > >>> > >>> > >>> > > In custom security valve if i set an >>> > attribute in >>> > >>> > session. Later i 'm not >>> > >>> > > able to get this attribute in >>> > portlet JSP page. It is >>> > >>> > always >>> > >>> > > NULL. Application is deployed on >>> > Tomcat and already >>> > >>> > have set >>> > >>> > > crossContext="true". Does the >>> > session get overridden >>> > >>> > somewhere? >>> > >>> > > >>> > >>> > > Thanks >>> > >>> > > >>> > >>> > > On Wed, Mar 2, 2011 >>> > at 3:59 PM, anyz >>> > >>> > <[email protected]> >>> > >>> > wrote: >>> > >>> > > >>> > >>> > >> I think i got it...added the >>> > custom valve in >>> > >>> > default jetspeed pipeline >>> > >>> > >> that is in the following bean: >>> > >>> > >> >>> > >>> > >> <bean >>> > id="jetspeed-pipeline"......../> >>> > >>> > >> >>> > >>> > >> It is added after <ref >>> > >>> > bean="loginValidationValve" /> in >>> > constructor >>> > >>> > >> argument list. Now subject and >>> > everything is >>> > >>> > available.] >>> > >>> > >> >>> > >>> > >> Is this correct way to do >>> > things? >>> > >>> > >> >>> > >>> > >> >>> > >>> > >> >>> > >>> > >> >>> > >>> > >> On Wed, Mar 2, 2011 at 3:37 PM, >>> > anyz <[email protected]> >>> > >>> > wrote: >>> > >>> > >> >>> > >>> > >>> I added custom valve in >>> > "login-pipeline" bean >>> > >>> > defined in pipelines.xml >>> > >>> > >>> that is probably not right >>> > place to do. >>> > >>> > >>> >>> > >>> > >>> >>> > >>> > >>> >>> > >>> > >>> On Wed, Mar 2, 2011 at 3:10 >>> > PM, anyz <[email protected]> >>> > >>> > wrote: >>> > >>> > >>> >>> > >>> > >>>> I implemented my custom >>> > valve by extending >>> > >>> > AbstractSecurityValve. The >>> > >>> > >>>> documentation says this >>> > valve >>> > >>> > "Authenticates the user or redirects to >>> > Login >>> > >>> > >>>> if necessary, adds the >>> > authenticated >>> > >>> > Subject to the RequestContext." >>> > >>> > >>>> However in the invoke() >>> > method as i try to >>> > >>> > get subject from request >>> > >>> > >>>> context its always >>> > NULL. >>> > >>> > >>>> >>> > >>> > >>>> My understanding is this >>> > valve invokes >>> > >>> > login module to authenticate user >>> > >>> > >>>> and once authentication >>> > done it sets teh >>> > >>> > subject in request context. I have >>> > >>> > >>>> called the >>> > super.invoke(rc,vc) in my >>> > >>> > custom valve but subject is always >>> > >>> > >>>> NULL. >>> > >>> > >>>> >>> > >>> > >>>> Could you please guide >>> > what am i missing? >>> > >>> > >>>> >>> > >>> > >>>> Thanks >>> > >>> > >>>> >>> > >>> > >>>> >>> > >>> > >>>> >>> > >>> > >>>> On Wed, Mar 2, 2011 at >>> > 4:17 AM, Woonsan Ko >>> > >>> > <[email protected]> >>> > >>> > wrote: >>> > >>> > >>>> >>> > >>> > >>>>> >>> > >>> > >>>>> --- On Tue, 3/1/11, >>> > anyz <[email protected]> >>> > >>> > wrote: >>> > >>> > >>>>> >>> > >>> > >>>>> > From: anyz >>> > <[email protected]> >>> > >>> > >>>>> > Subject: >>> > Storing Custom Object in >>> > >>> > Session on User Login >>> > >>> > >>>>> > To: "Jetspeed >>> > Users List" <[email protected]> >>> > >>> > >>>>> > Date: Tuesday, >>> > March 1, 2011, >>> > >>> > 6:49 AM >>> > >>> > >>>>> > I need to set a >>> > custom class >>> > >>> > object >>> > >>> > >>>>> > into session >>> > once user logged >>> > >>> > into >>> > >>> > >>>>> > Jetspeed. This >>> > object will be >>> > >>> > accessed and used later by >>> > >>> > >>>>> > portlets. >>> > After >>> > >>> > >>>>> > searching into >>> > email list and >>> > >>> > forum i found two ways of >>> > >>> > >>>>> > intercepting >>> > J2 >>> > >>> > >>>>> > login process: >>> > >>> > >>>>> > >>> > >>> > >>>>> > 1- Custom Login >>> > Module >>> > >>> > >>>>> > 2- Custom >>> > Security Valve and >>> > >>> > possibly Filter (not sure if >>> > >>> > >>>>> > Filter works >>> > in >>> > >>> > >>>>> > Jetspeed 2.2.1 >>> > or its for old >>> > >>> > version) >>> > >>> > >>>>> > >>> > >>> > >>>>> > I manged to >>> > plug my custom login >>> > >>> > module however i could not >>> > >>> > >>>>> > find a way to >>> > >>> > >>>>> > get session in >>> > login() method and >>> > >>> > set my custom class >>> > >>> > >>>>> > object into >>> > session. >>> > >>> > >>>>> > Is it possible >>> > to get HttpSession >>> > >>> > in custom login module? >>> > >>> > >>>>> >>> > >>> > >>>>> It is not possible >>> > to access >>> > >>> > HttpSession in a JAAS LoginModule. >>> > >>> > >>>>> >>> > >>> > >>>>> > >>> > >>> > >>>>> > If i have write >>> > security valve, >>> > >>> > do i also need some sort of >>> > >>> > >>>>> > Serverlt >>> > filter >>> > >>> > >>>>> > where i can set >>> > custom object >>> > >>> > into session. >>> > >>> > >>>>> >>> > >>> > >>>>> You don't need a >>> > servlet filter if you >>> > >>> > use a custom security valve. >>> > >>> > >>>>> Servlet filter such >>> > as >>> > >>> > PoralLoginFilter is enabled/used only for >>> > some >>> > >>> > >>>>> environment like WAS >>> > instead of >>> > >>> > Jetspeed JAAS LoginModule. >>> > >>> > >>>>> >>> > >>> > >>>>> >>> > >>> > >>>>> Woonsan >>> > >>> > >>>>> >>> > >>> > >>>>> > >>> > >>> > >>>>> > >>> > >>> > >>>>> > Thanks >>> > >>> > >>>>> > >>> > >>> > >>>>> >>> > >>> > >>>>> >>> > >>> > >>>>> >>> > >>> > >>>>> >>> > >>> > >>>>> >>> > >>> > >>> > --------------------------------------------------------------------- >>> > >>> > >>>>> To unsubscribe, >>> > e-mail: >>> > >>> [email protected] >>> > >>> > >>>>> For additional >>> > commands, e-mail: >>> > >>> [email protected] >>> > >>> > >>>>> >>> > >>> > >>>>> >>> > >>> > >>>> >>> > >>> > >>> >>> > >>> > >> >>> > >>> > > >>> > >>> > >>> > >>> >>> > >>> >>> > >>> >>> > >>> >>> > >>> >>> > --------------------------------------------------------------------- >>> > >>> To unsubscribe, e-mail: >>> [email protected] >>> > >>> For additional commands, e-mail: >>> [email protected] >>> > >>> >>> > >>> >>> > >> >>> > > >>> > >>> >>> >>> >>> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: [email protected] >>> For additional commands, e-mail: [email protected] >>> >>> >> >
