What i am doing is to contribute a PageRenderRequestHandler like this:
public static void
contributePageRenderRequestHandler(OrderedConfiguration<PageRenderRequestFilter>
configuration,
final @Local
@InjectService("securityContextPageRenderRequestFilter")
PageRenderRequestFilter securityContextPageRenderRequestFilter) {
configuration.add("securityContext",
securityContextPageRenderRequestFilter, "after:*");
}
I am using Chenillekit's access component:
(http://www.chenillekit.org/chenillekit-access/index.html) so in the
filter i get the WebSessionUser using the ApplicationStateManager.
Here u should get the object from the session. Just be sure that the
filter is executed after the WebSessionUser is put into the session.
the filter look like this:
public class SecurityContextPageRenderRequestFilter implements
PageRenderRequestFilter {
private final ApplicationStateManager _manager;
private final Logger _logger;
/**
* @param manager
* @author jmayaalv
*/
public SecurityContextPageRenderRequestFilter(ApplicationStateManager
manager, Logger logger) {
super();
_manager = manager;
_logger = logger;
}
public void handle(PageRenderRequestParameters parameters,
PageRenderRequestHandler handler) throws IOException {
RincoSessionUser webSessionUser = (RincoSessionUser)
_manager.getIfExists(WebSessionUser.class);
if (webSessionUser != null) {
SecurityContext securityContext = new
SecurityContext(webSessionUser.getUserId());
SecurityContextHolder.set(securityContext);
_logger.debug("SecurityContext added to the thread {}
", new
Object[] { securityContext });
}
handler.handle(parameters);
}
}
SecurityContextHolder is the class that interacts with threadlocal:
public class SecurityContextHolder {
private static ThreadLocal<SecurityContext> tLocal = new
ThreadLocal<SecurityContext>();
public static void set(SecurityContext securityContext) {
tLocal.set(securityContext);
}
public static SecurityContext get() {
return tLocal.get();
}
public static void remove() {
tLocal.remove();
}
}
U can get the SecurityContext during the thread execution with:
SecurityContextHolder.get()
Let me know if u need something else
On Tue, Jul 28, 2009 at 12:25 AM, "Max Weißböck
(info)"<m...@weissboeck.info> wrote:
> Ok, I think I get the idea...
>
> But where and when do you set the ThreadLocal? It must be set on every
> request (each request is another thread...)
> Do you have a common base class where you handle this? Any other way you do
> it?
>
> Max
>
>
> Am 28.07.2009 um 00:08 schrieb Juan E. Maya:
>
>> Hey Max, I had a similar problem and at the end create an object in
>> the ThreadLocal that contains a SecurityContext with the user
>> information (very lightweight object). The idea was taken from
>> Spring-Security. This way u have access to the user in the execution
>> thread. It was kind of weird for me to be accessing the HttpSession in
>> all the layers of the application.
>>
>>
>> On Mon, Jul 27, 2009 at 11:18 PM, "Max Weißböck
>> (info)"<m...@weissboeck.info> wrote:
>>>
>>> Sorry, my question seems not to be clear.
>>>
>>> It is not a Hibernate question, I now how to acces and set the attributes
>>> using the event.
>>> I already set the creation and modification date in each entity.
>>>
>>> But what I need too, is who (which user) did the creation/modification of
>>> an
>>> entity.
>>> This information (the user) is in an SSO (WebUser in my case) but I could
>>> not figure out,
>>> how I can get access to this SSO from the Hibernate Listener Class.
>>>
>>> thx, Max
>>>
>>> Am 27.07.2009 um 22:42 schrieb Igor Drobiazko:
>>>
>>>> This is a Hibernate question, not Tapestry. Have a look into the event
>>>> passed to your listener.
>>>> There is a method called getEntity().
>>>>
>>>> On Mon, Jul 27, 2009 at 10:34 PM, Max Weißböck (info)
>>>> <m...@weissboeck.info>wrote:
>>>>
>>>>> I'm using Hibernate Listeners PreUpdateEventListener and
>>>>> PreInsertEventListener to do audit logging in the DB.
>>>>>
>>>>> Now my problem is, how can I get access in the EventListenr class to
>>>>> the
>>>>> SSO where the user is stored? As Hibernate loads
>>>>> the classes as defined in the config file (see below), I can not bind
>>>>> them
>>>>> using AppModule and @Inject something - or at least I do not know how.
>>>>>
>>>>> I searched the list but found no solution (or did not understand it ;-)
>>>>>
>>>>> Thx, Max
>>>>>
>>>>> --- definition in hibernate.cfg.xml ---
>>>>>
>>>>> <!-- Audit Listener -->
>>>>> <listener type="pre-insert"
>>>>> class="net.weissboeck.gimmo.entities.AuditListenerImpl"/>
>>>>> <listener type="pre-update"
>>>>> class="net.weissboeck.gimmo.entities.AuditListenerImpl"/>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>> Best regards,
>>>>
>>>> Igor Drobiazko
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
>>> For additional commands, e-mail: users-h...@tapestry.apache.org
>>>
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
>> For additional commands, e-mail: users-h...@tapestry.apache.org
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
> For additional commands, e-mail: users-h...@tapestry.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org
