I would also be interested to understand how this would work with cocoon
2.2. The SessionModule, see
http://cocoon.apache.org/2.2/core-modules/sitemap-components/1.0/apidocs/org/apache/cocoon/components/modules/input/SessionModule.html
may be the answer.
My problem is the following. I need to evaluate whether or not a given
user is allowed to access certain files or to perform certain tasks.
With Spring's capabilities of AOP (Aspect Oriented Programming), it is
very easy to define aspects, pointcuts, and joint points, currently
defined on certain service classes in the domain. Typically, before a
requested task is carried out (call to service class method), the system
'jumps' to a policy class to check whether or not the user is in fact
allowed to perform the task. If so, the system continues with the
requested task, otherwise for instance an exception is raised.
The policy class implements a PolicyEvaluator interface (totally unaware
of cocoon), which is the one that the AOP works with.
I would now need an implementation of PolicyEvaluator that needs to
identify the requesting user. So, this could possibly be accomplished
with the SessionModule, like
PolicyEvaluatorImpl extends SessionModule implements PolicyEvaluator {
private UserRepository userRepository;
PolicyEvaluatorImpl(UserRepository userRepository)
{
super();
this.userRepository = userRepository;
}
// From PolicyEvaluator
public boolean isAllowed(...)
{
// Get the requesting user.
Long identifier = (Long) super.getAttribute("identifier");
User user = this.userRepository.getUser(identifier);
// Apply policies here.
String reason = ....;
if ( !notAllowed )
throw new PolicyException(reason);
return true;
}
}
Would this actually work? Note that I use Spring for creating all
objects, including the PolicyEvaluatorImpl. Spring, by default would
instantiate this class as a singleton (which is fine with me), but I
must be quite sure that the current Session is available to the
implementing class.
My current implementation include in their signature the User object. In
some cases this is not convenient (also gives coupling between packages,
which possibly could be avoided) and I am therefore looking for an
alternative solution.
Best regards,
Andre
Johannes Hoechstaedter wrote:
Maybe you will find it already posted in the mailing list. Search here:
http://www.mail-archive.com/users@cocoon.apache.org/
Maybe this article is helpful as well:
http://wiki.apache.org/cocoon/InputModules
cheers,
Johannes
asif_zzz schrieb:
Hi,
im new to cocoon.
im using cocoon 2.1.10,spring ORM and hibernate.
im setting a session attribute in flowscript(flow.js)
cocoon.session.setAttribute("Instance",instance);
I need to get the above session attibute in bean.
Anyone please tell me how to get it??
Thanks in advance.
Regards,
Aashik
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
