What i am doing is to contribute a PageRenderRequestHandler like this: public static void contributePageRenderRequestHandler(OrderedConfiguration<PageRenderRequestFilter> configuration, final @Local @InjectService("securityContextPageRenderRequestFilter") PageRenderRequestFilter securityContextPageRenderRequestFilter) { configuration.add("securityContext", securityContextPageRenderRequestFilter, "after:*"); }
I am using Chenillekit's access component: (http://www.chenillekit.org/chenillekit-access/index.html) so in the filter i get the WebSessionUser using the ApplicationStateManager. Here u should get the object from the session. Just be sure that the filter is executed after the WebSessionUser is put into the session. the filter look like this: public class SecurityContextPageRenderRequestFilter implements PageRenderRequestFilter { private final ApplicationStateManager _manager; private final Logger _logger; /** * @param manager * @author jmayaalv */ public SecurityContextPageRenderRequestFilter(ApplicationStateManager manager, Logger logger) { super(); _manager = manager; _logger = logger; } public void handle(PageRenderRequestParameters parameters, PageRenderRequestHandler handler) throws IOException { RincoSessionUser webSessionUser = (RincoSessionUser) _manager.getIfExists(WebSessionUser.class); if (webSessionUser != null) { SecurityContext securityContext = new SecurityContext(webSessionUser.getUserId()); SecurityContextHolder.set(securityContext); _logger.debug("SecurityContext added to the thread {} ", new Object[] { securityContext }); } handler.handle(parameters); } } SecurityContextHolder is the class that interacts with threadlocal: public class SecurityContextHolder { private static ThreadLocal<SecurityContext> tLocal = new ThreadLocal<SecurityContext>(); public static void set(SecurityContext securityContext) { tLocal.set(securityContext); } public static SecurityContext get() { return tLocal.get(); } public static void remove() { tLocal.remove(); } } U can get the SecurityContext during the thread execution with: SecurityContextHolder.get() Let me know if u need something else On Tue, Jul 28, 2009 at 12:25 AM, "Max Weißböck (info)"<m...@weissboeck.info> wrote: > Ok, I think I get the idea... > > But where and when do you set the ThreadLocal? It must be set on every > request (each request is another thread...) > Do you have a common base class where you handle this? Any other way you do > it? > > Max > > > Am 28.07.2009 um 00:08 schrieb Juan E. Maya: > >> Hey Max, I had a similar problem and at the end create an object in >> the ThreadLocal that contains a SecurityContext with the user >> information (very lightweight object). The idea was taken from >> Spring-Security. This way u have access to the user in the execution >> thread. It was kind of weird for me to be accessing the HttpSession in >> all the layers of the application. >> >> >> On Mon, Jul 27, 2009 at 11:18 PM, "Max Weißböck >> (info)"<m...@weissboeck.info> wrote: >>> >>> Sorry, my question seems not to be clear. >>> >>> It is not a Hibernate question, I now how to acces and set the attributes >>> using the event. >>> I already set the creation and modification date in each entity. >>> >>> But what I need too, is who (which user) did the creation/modification of >>> an >>> entity. >>> This information (the user) is in an SSO (WebUser in my case) but I could >>> not figure out, >>> how I can get access to this SSO from the Hibernate Listener Class. >>> >>> thx, Max >>> >>> Am 27.07.2009 um 22:42 schrieb Igor Drobiazko: >>> >>>> This is a Hibernate question, not Tapestry. Have a look into the event >>>> passed to your listener. >>>> There is a method called getEntity(). >>>> >>>> On Mon, Jul 27, 2009 at 10:34 PM, Max Weißböck (info) >>>> <m...@weissboeck.info>wrote: >>>> >>>>> I'm using Hibernate Listeners PreUpdateEventListener and >>>>> PreInsertEventListener to do audit logging in the DB. >>>>> >>>>> Now my problem is, how can I get access in the EventListenr class to >>>>> the >>>>> SSO where the user is stored? As Hibernate loads >>>>> the classes as defined in the config file (see below), I can not bind >>>>> them >>>>> using AppModule and @Inject something - or at least I do not know how. >>>>> >>>>> I searched the list but found no solution (or did not understand it ;-) >>>>> >>>>> Thx, Max >>>>> >>>>> --- definition in hibernate.cfg.xml --- >>>>> >>>>> <!-- Audit Listener --> >>>>> <listener type="pre-insert" >>>>> class="net.weissboeck.gimmo.entities.AuditListenerImpl"/> >>>>> <listener type="pre-update" >>>>> class="net.weissboeck.gimmo.entities.AuditListenerImpl"/> >>>>> >>>>> >>>>> >>>>> >>>> >>>> >>>> -- >>>> Best regards, >>>> >>>> Igor Drobiazko >>> >>> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org >>> For additional commands, e-mail: users-h...@tapestry.apache.org >>> >>> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org >> For additional commands, e-mail: users-h...@tapestry.apache.org >> > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org > For additional commands, e-mail: users-h...@tapestry.apache.org > > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org