You may consider using a JSR 286 Portlet Filter, which can intercept portlet request, so you can access portal session through the portlet request. It seems possible to set an application-scope session attribute there for your spring application through the portlet request.
Woonsan --- On Thu, 3/10/11, anyz <[email protected]> wrote: > From: anyz <[email protected]> > Subject: Re: Storing Custom Object in Session on User Login > To: "Jetspeed Users List" <[email protected]> > Date: Thursday, March 10, 2011, 12:22 PM > It could be some thing like a session > listner in portlet application. We can > capture event in this listener, when session is created > (i.e. first request > to any of portlet in portlet application). However at this > point we do not > have access to Portal session. > > On Thu, Mar 10, 2011 at 4:02 PM, anyz <[email protected]> > wrote: > > > Woonsan, > > > > I have successfully get the session object in Portlet > applicaton that was > > set by Portal application in custom security valve. > There is one more step > > left in process. Actually portlet application has a > session-scoped spring > > bean. The values from session object (set by portal > app) should be extracted > > and set into spring bean.This spring bean is then > accessible to other > > classes through dependency injection performed by > Spring. > > > > What could be point where i can set the values in > portlet application > > session-scoped spring bean. For example writing > listner kind of thing. Is > > jet speed providing some thing...a entry point to > Portlet application? > > > > Thanks > > > > > > On Fri, Mar 4, 2011 at 11:14 AM, anyz <[email protected]> > wrote: > > > >> Thats right. Woonsan thank you very much for your > time and effort. It > >> helped me a lot to come out of this hard > situation. > >> > >> Thanks > >> > >> > >> On Thu, Mar 3, 2011 at 11:46 PM, Woonsan Ko <[email protected]> > wrote: > >> > >>> As you already know, Jetspeed uses shared > interfaces/classes if anything > >>> should be shared among applications. For this > reason, jetspeed-api and > >>> jetspeed-commons jar files are deployed into > the shared class path (e.g. > >>> $CATALINA_HOME/lib) > >>> > >>> Woonsan > >>> > >>> > >>> --- On Thu, 3/3/11, anyz <[email protected]> > wrote: > >>> > >>> > From: anyz <[email protected]> > >>> > Subject: Re: Storing Custom Object in > Session on User Login > >>> > To: "Jetspeed Users List" <[email protected]> > >>> > Date: Thursday, March 3, 2011, 11:35 AM > >>> > Since the authenticated Subject > that > >>> > was set in session by Portal > >>> > Application (jetspeed.war) is availabel > in all portlet > >>> > applications. How did > >>> > it work and can't i make my custom calass > behave > >>> > similarly. > >>> > > >>> > Thanks > >>> > > >>> > On Thu, Mar 3, 2011 at 3:21 PM, anyz > <[email protected]> > >>> > wrote: > >>> > > >>> > > Now portlet development contain lots > of > >>> > challenges...As i stated actually i > >>> > > want to set a custom class (say > MySessionClass) into > >>> > session. With security > >>> > > valve i have to have that class in > jar file that > >>> > contains custom security > >>> > > valve and placed in portal > application jetspeed. > >>> > > > >>> > > While getting this attribute from my > portlet > >>> > application i have that > >>> > > MySessionClass in portlet > application classpath. Now > >>> > casting the session > >>> > > attribute to this causes > ClassCastException becuase > >>> > two classes are loaded > >>> > > by JVM from differnt locations. > >>> > > > >>> > > One possible way could be to place > the MySessionClass > >>> > in soem common lib or > >>> > > application server (Tomcat) where > both portal and > >>> > portlet application can > >>> > > access it. But i wonder how people > achieve this > >>> > behaviour...ins'nt there > >>> > > some more simple way. > >>> > > > >>> > > On Thu, Mar 3, 2011 > at 12:12 PM, anyz > >>> > <[email protected]> > >>> > wrote: > >>> > > > >>> > >> Thank you woonsan, it worked > like a charm. > >>> > >> > >>> > >> > >>> > >> On Thu, Mar 3, 2011 at 4:36 AM, > Woonsan Ko <[email protected]> > >>> > wrote: > >>> > >> > >>> > >>> In your custom valve, you > may have set an > >>> > attribute in an http session of > >>> > >>> the portal application. > >>> > >>> Now, you're trying to get > the attribute in an > >>> > http session of a portlet > >>> > >>> application. Http sessions > are not shared > >>> > between web applications. > >>> > >>> So, you can try this from > your portlet code > >>> > with Jetspeed API to get > >>> > >>> accesses to the portal > session attributes: > >>> > >>> > >>> > >>> import > >>> > > org.apache.jetspeed.request.RequestContext; > >>> > >>> > >>> > >>> RequestContext rc = > (RequestContext) > >>> > >>> > >>> > > portletRequest.getAttribute(RequestContext.REQUEST_PORTALENV); > >>> > >>> Object attr = > >>> > > rc.getSessionAttribute("some-attribute-name"); > >>> > >>> > >>> > >>> > >>> > >>> Woonsan > >>> > >>> > >>> > >>> --- On Wed, 3/2/11, anyz > <[email protected]> > >>> > wrote: > >>> > >>> > >>> > >>> > From: anyz <[email protected]> > >>> > >>> > Subject: Re: Storing > Custom Object in > >>> > Session on User Login > >>> > >>> > To: "Jetspeed Users > List" <[email protected]> > >>> > >>> > Date: Wednesday, March > 2, 2011, 2:59 PM > >>> > >>> > I used to get > session in valve as > >>> > >>> > > requestContext.getRequest().getSession() > >>> > >>> > and then set attribute > in session. > >>> > However i am not able to > >>> > >>> > get this > >>> > >>> > attribute in portlet > JSP page from > >>> > HttpSession or > >>> > >>> > PortletSession. This > seems > >>> > >>> > to be same problem as > given in another > >>> > thread at > >>> > >>> > > >>> http://permalink.gmane.org/gmane.comp.jakarta.jetspeed.user/23626 > >>> > >>> > > >>> > >>> > Probably if i could set > the attribute in > >>> > portletsession and > >>> > >>> > with > >>> > >>> > APPLICATION_SCOPE that > may be available. > >>> > But its not > >>> > >>> > possibel to get > portlet > >>> > >>> > session in valve. > >>> > >>> > > >>> > >>> > > >>> > >>> > > >>> > >>> > > >>> > >>> > > >>> > >>> > On Wed, Mar 2, 2011 at > 5:54 PM, anyz > >>> > <[email protected]> > >>> > >>> > wrote: > >>> > >>> > > >>> > >>> > > In custom security > valve if i set an > >>> > attribute in > >>> > >>> > session. Later i 'm > not > >>> > >>> > > able to get this > attribute in > >>> > portlet JSP page. It is > >>> > >>> > always > >>> > >>> > > NULL. Application > is deployed on > >>> > Tomcat and already > >>> > >>> > have set > >>> > >>> > > > crossContext="true". Does the > >>> > session get overridden > >>> > >>> > somewhere? > >>> > >>> > > > >>> > >>> > > Thanks > >>> > >>> > > > >>> > >>> > > > On Wed, Mar 2, 2011 > >>> > at 3:59 PM, anyz > >>> > >>> > <[email protected]> > >>> > >>> > wrote: > >>> > >>> > > > >>> > >>> > >> I think i got > it...added the > >>> > custom valve in > >>> > >>> > default jetspeed > pipeline > >>> > >>> > >> that is in the > following bean: > >>> > >>> > >> > >>> > >>> > >> <bean > >>> > id="jetspeed-pipeline"......../> > >>> > >>> > >> > >>> > >>> > >> It is added > after <ref > >>> > >>> > > bean="loginValidationValve" /> in > >>> > constructor > >>> > >>> > >> argument list. > Now subject and > >>> > everything is > >>> > >>> > available.] > >>> > >>> > >> > >>> > >>> > >> Is this > correct way to do > >>> > things? > >>> > >>> > >> > >>> > >>> > >> > >>> > >>> > >> > >>> > >>> > >> > >>> > >>> > >> On Wed, Mar 2, > 2011 at 3:37 PM, > >>> > anyz <[email protected]> > >>> > >>> > wrote: > >>> > >>> > >> > >>> > >>> > >>> I added > custom valve in > >>> > "login-pipeline" bean > >>> > >>> > defined in > pipelines.xml > >>> > >>> > >>> that is > probably not right > >>> > place to do. > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> On Wed, > Mar 2, 2011 at 3:10 > >>> > PM, anyz <[email protected]> > >>> > >>> > wrote: > >>> > >>> > >>> > >>> > >>> > >>>> I > implemented my custom > >>> > valve by extending > >>> > >>> > AbstractSecurityValve. > The > >>> > >>> > >>>> > documentation says this > >>> > valve > >>> > >>> > "Authenticates the user > or redirects to > >>> > Login > >>> > >>> > >>>> if > necessary, adds the > >>> > authenticated > >>> > >>> > Subject to the > RequestContext." > >>> > >>> > >>>> > However in the invoke() > >>> > method as i try to > >>> > >>> > get subject from > request > >>> > >>> > >>>> > context its always > >>> > NULL. > >>> > >>> > >>>> > >>> > >>> > >>>> My > understanding is this > >>> > valve invokes > >>> > >>> > login module to > authenticate user > >>> > >>> > >>>> and > once authentication > >>> > done it sets teh > >>> > >>> > subject in request > context. I have > >>> > >>> > >>>> called > the > >>> > super.invoke(rc,vc) in my > >>> > >>> > custom valve but > subject is always > >>> > >>> > >>>> NULL. > >>> > >>> > >>>> > >>> > >>> > >>>> Could > you please guide > >>> > what am i missing? > >>> > >>> > >>>> > >>> > >>> > >>>> > Thanks > >>> > >>> > >>>> > >>> > >>> > >>>> > >>> > >>> > >>>> > >>> > >>> > >>>> On > Wed, Mar 2, 2011 at > >>> > 4:17 AM, Woonsan Ko > >>> > >>> > <[email protected]> > >>> > >>> > wrote: > >>> > >>> > >>>> > >>> > >>> > >>>>> > >>> > >>> > >>>>> > --- On Tue, 3/1/11, > >>> > anyz <[email protected]> > >>> > >>> > wrote: > >>> > >>> > >>>>> > >>> > >>> > >>>>> > > From: anyz > >>> > <[email protected]> > >>> > >>> > >>>>> > > Subject: > >>> > Storing Custom Object in > >>> > >>> > Session on User Login > >>> > >>> > >>>>> > > To: "Jetspeed > >>> > Users List" <[email protected]> > >>> > >>> > >>>>> > > Date: Tuesday, > >>> > March 1, 2011, > >>> > >>> > 6:49 AM > >>> > >>> > >>>>> > > I need to set a > >>> > custom class > >>> > >>> > object > >>> > >>> > >>>>> > > into session > >>> > once user logged > >>> > >>> > into > >>> > >>> > >>>>> > > Jetspeed. This > >>> > object will be > >>> > >>> > accessed and used later > by > >>> > >>> > >>>>> > > portlets. > >>> > After > >>> > >>> > >>>>> > > searching into > >>> > email list and > >>> > >>> > forum i found two ways > of > >>> > >>> > >>>>> > > intercepting > >>> > J2 > >>> > >>> > >>>>> > > login process: > >>> > >>> > >>>>> > > > >>> > >>> > >>>>> > > 1- Custom Login > >>> > Module > >>> > >>> > >>>>> > > 2- Custom > >>> > Security Valve and > >>> > >>> > possibly Filter (not > sure if > >>> > >>> > >>>>> > > Filter works > >>> > in > >>> > >>> > >>>>> > > Jetspeed 2.2.1 > >>> > or its for old > >>> > >>> > version) > >>> > >>> > >>>>> > > > >>> > >>> > >>>>> > > I manged to > >>> > plug my custom login > >>> > >>> > module however i could > not > >>> > >>> > >>>>> > > find a way to > >>> > >>> > >>>>> > > get session in > >>> > login() method and > >>> > >>> > set my custom class > >>> > >>> > >>>>> > > object into > >>> > session. > >>> > >>> > >>>>> > > Is it possible > >>> > to get HttpSession > >>> > >>> > in custom login > module? > >>> > >>> > >>>>> > >>> > >>> > >>>>> It > is not possible > >>> > to access > >>> > >>> > HttpSession in a JAAS > LoginModule. > >>> > >>> > >>>>> > >>> > >>> > >>>>> > > > >>> > >>> > >>>>> > > If i have write > >>> > security valve, > >>> > >>> > do i also need some > sort of > >>> > >>> > >>>>> > > Serverlt > >>> > filter > >>> > >>> > >>>>> > > where i can set > >>> > custom object > >>> > >>> > into session. > >>> > >>> > >>>>> > >>> > >>> > >>>>> > You don't need a > >>> > servlet filter if you > >>> > >>> > use a custom security > valve. > >>> > >>> > >>>>> > Servlet filter such > >>> > as > >>> > >>> > PoralLoginFilter is > enabled/used only for > >>> > some > >>> > >>> > >>>>> > environment like WAS > >>> > instead of > >>> > >>> > Jetspeed JAAS > LoginModule. > >>> > >>> > >>>>> > >>> > >>> > >>>>> > >>> > >>> > >>>>> > Woonsan > >>> > >>> > >>>>> > >>> > >>> > >>>>> > > > >>> > >>> > >>>>> > > > >>> > >>> > >>>>> > > Thanks > >>> > >>> > >>>>> > > > >>> > >>> > >>>>> > >>> > >>> > >>>>> > >>> > >>> > >>>>> > >>> > >>> > >>>>> > >>> > >>> > >>>>> > >>> > >>> > > >>> > > --------------------------------------------------------------------- > >>> > >>> > >>>>> To > unsubscribe, > >>> > e-mail: > >>> > >>> [email protected] > >>> > >>> > >>>>> > For additional > >>> > commands, e-mail: > >>> > >>> [email protected] > >>> > >>> > >>>>> > >>> > >>> > >>>>> > >>> > >>> > >>>> > >>> > >>> > >>> > >>> > >>> > >> > >>> > >>> > > > >>> > >>> > > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > > --------------------------------------------------------------------- > >>> > >>> To unsubscribe, e-mail: > >>> [email protected] > >>> > >>> For additional commands, > e-mail: > >>> [email protected] > >>> > >>> > >>> > >>> > >>> > >> > >>> > > > >>> > > >>> > >>> > >>> > >>> > >>> > --------------------------------------------------------------------- > >>> To unsubscribe, e-mail: [email protected] > >>> For additional commands, e-mail: [email protected] > >>> > >>> > >> > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
