> The goal is to just @Inject User currentUser; or @SessionState User
> currentUser; or @Persist User
> currentUser; in a page or service and have acces to the user as denoted by
> the principal stored in
> the http session. Which option would you chose? Are there others, maybe
> more straightforward ones,
> that I'm missing?
What I did is
in Login.java
onActionFromLoginForm() {
....
currentUser.login(token);
...
User user = User.getUserByEmail(newContext,
currentUser.getPrincipal().toString());
// the principal is the user's email address
// I use cayenne instead of hibernate
....
request.getSession(true).setAttribute(MyConstants.USER_SESSION_ATTRIBUTE, user);
....
}
in page classes:
@SessionAttribute(MyConstants.USER_SESSION_ATTRIBUTE)
private User user;
Is there a disadvantage to this solution that I overlooked?
One problem is, if the admin deactivates or deletes the user while they are
logged in, the user can still access the site.
-Bjello
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org
