Isn't the Spring Application Context a singleton though? Or am I wrong?
( Would be a problem to store things such as the currently executing user in a multi-threaded web server environment )

What I meant was create a small Context class such as this :

public class Context {

    private String userName = null;
    private String[] roles = null;

    public Context() {
    }

    // accessors & mutators for userName and roles

    private static ThreadLocal context = new ThreadLocal() {
        protected synchronized Object initialValue() {
            return new Context();
        }
    };
   
    public static Context getContext() {
        return (Context)context.get();
    }

}

you then set this in your servlet filter ( interrogating the request to get the relevant info to set on the above context )

from your application you can then do Context.getContext() to get hold of your context.

Each thread will be guaranteed to have its own context.

Hope it helps...

Cheers,
Renier

Paul wrote:
Hi Renier

I developed some cusom JAAS login modules for our companies existing
security framework - this was done before we started using Spring. I
briefly took a look at ACEGI, but time caused me not to persue it
further.

I'm not sure what you mean by "create a context object".... I'm not
sure how I would go about doing this.

One solution that was suggested by a colleague was to to make my POJO
"Spring Application Context Aware". I'm banking on having access to the
HTTP request object from the spring application context - but even if
this is not the case, then I could use a filter to save the user
principle into springs application context - and consequently pick it
up again inside my Application Context Aware POJO.

I'm not sure yet how to get to the Spring Application Context from
within the POJO - how does this solution sound to you though?

Reply via email to