The Principal is already saved by Shiro in the HttpSession,
why just not use a custom annotation with a FieldConduit
that just gets it from Tynamo-security SecurityService?
On Oct 30, 2012, at 3:44 PM, Ulrich Stärk <u...@spielviel.de> wrote:
> From a third-party module (tynamo-security) I have the id (principal) of a
> Hibernate entity
> representing the currently logged in user in the HttpSession. I now want to
> inject that user into
> pages after loading it from persistent storage. The entity class shall be
> called User.
>
> Three options come to my mind:
>
> 1. Wrap the entity in another class, e.g. CurrentUser, which takes a
> Hibernate session and has a
> getUser() accessor which retrieves the User object from persistent storage.
> Store CurrentUser as a
> Session State Object and inject it using @SessionState. Needs an
> ApplicationStateCreator. Downside:
> needs an additional call to currentUser.getUser() every time I want to access
> the actual logged in user.
>
> 2. Create a UserSource service that looks up the User instance, build a
> PropertyShadowBuilder around
> it and bind it to the interface of the User class. Downside: requires the
> User entity to have an
> interface.
>
> 3. Create a persistence strategy that uses the principal from the http
> session to restore the User
> from persistent storage. Similar to @Persist("entity").
>
> The goal is to just @Inject User currentUser; or @SessionState User
> currentUser; or @Persist User
> currentUser; in a page or service and have acces to the user as denoted by
> the principal stored in
> the http session. Which option would you chose? Are there others, maybe more
> straightforward ones,
> that I'm missing?
>
> Cheers,
>
> Uli
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
> For additional commands, e-mail: users-h...@tapestry.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org
