Wednesday, November 12, 2003, 11:03:15 AM, you wrote:
JH> Why stop a storing a Boolean in the session to determine "logged-inness"?
JH> Why not just store the (validated) "User" object in the session and check for
JH> it's presence? That way, if it's there, one can utilize the data in the User
JH> object for whatever sordid little purpose said developer comes up with.
That excactly what I'm doing. At the login, the business logic checks
if the credentials supplied were right. If so, the user object will be
stored in the session. In that way, I can easily access all the user's
properties without doing a lookup all the time. You might run into
memory problems if you have a lot of simultanous logged in users
and/or big user objects. But that not the case for me. Additionally,
I'm storing a list of the users group membership in the session. So I
can do fast permission checks based on this list (always doing a
lookup for every groups is expensive).
JH> I mean using bean:write tags of the "User" object seems straightforward
JH> enough, but what about the List of "Children" objects that is part of
JH> the "User" object?
I don't really understand. I'm using code like this to access the
user object:
<c:choose>
<%-- check if the users object is stored in the session--%>
<c:when test="${empty sessionScope.user}">
<%-- it's not, present a "you're not logged in" message --%>
<span id="error"><bean:message key="login.header.unauthd"/></span><br>
</c:when>
<%-- the user is logged in --%>
<c:otherwise>
<%-- present a welcome message like "Welcome, John Doe." --%>
<bean:message key="login.header.welcome"/>, ${sessionScope.user.name}.
<%-- display the logout form --%>
<html:form action="login.do">
<html:hidden property="dispatch" value="logout"/>
<%-- the requested page parameter is used to return to this page
after logout --%>
<html:hidden property="requestedPage"
value="${pageContext.request.servletPath}"/>
<html:submit><bean:message key="login.button.logout"/></html:submit>
</html:form>
</c:otherwise>
</c:choose>
As you can see, I read and display the user's name with
${sessionScope.user.name}.
But I have to warn you, I'm a struts newbie too.. :)
Regards,
Arne Brutschy
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
