Hi Jeremy Thanks. I'll raise my stupid question again.. it really seems I'm missing something elementary here! I'd like to know how do I go about setting a custom principal object. What interface/class to implement/override.
Animesh On Mon, Sep 15, 2008 at 11:03 PM, Jeremy Haile <[EMAIL PROTECTED]> wrote: > I prefer that approach as well. Simply provide a custom principal object > that has several simple properties with the information you want (user ID, > username, etc.) > The only risk is that any information that is updated during a session may > not be reflected in the principal, so you have to be careful not to use > stale data. In my applications, I typically store the user ID in there then > use that to pull the User object from Hibernate. Since Hibernate caches my > User object in EhCache, this is not a DB hit. > > But if you do have data that doesn't change (such as user ID and username) > returning a principal object with multiple properties works great! > > Jeremy > > > > On Sep 15, 2008, at 1:28 PM, Animesh Jain wrote: > > Hey Les > > Well I'm willing to not use a hibernated object for the principal. I think > it'll be convenient to have access to data like first name, last name, > email, user id etc in the principal object. The reason I'd prefer a > principal object rather than a collection of primitive types is that it is > easier to say property="name", than iterating through the principals and get > the n'th element. > > But I really did not get where I need to set this principal object or a > collection of primitive type principals. Which interface/class should I > implement/extend and how should I tell Jsecurity about it?? The realm > doesn't seem to have any setPrincipal method to implement. > > Thanks a lot for the quick replies Les :) > > Animesh > > On Mon, Sep 15, 2008 at 10:49 PM, Les Hazlewood <[EMAIL PROTECTED]> wrote: > >> Ah, the 'property' attribute is for a property of the principal, if it >> is not a primitive object. >> >> For example, you could have a UserPrincipal class that wraps a >> username property and an id. Then you could say <jsec:principal >> property="username"/> >> >> and that would equate to this Java call: >> >> subject.getPrincipal().getUsername(); (using reflection of course, >> because getPrincipal returns an object). >> >> But since you're storing primitive values in the PrincipalCollection, >> there is no need for you to use this attribute in the jsec tag. It is >> much simpler if you do things that way if you can ;) >> >> But yes, the Principal can be the User object itself, but this is not >> recommended. A PrincipalCollection is often serialized to the client >> in the form of a cookie and then deserialized later. If your User >> objects are 'hibernated', and it appears that yours are, then that >> User object wouldn't be associated with a Hibernate Session, and if >> you needed lazy loading, you'd get the infamous >> LazyInitializationException. Plus because Hibernate objects are often >> CGLib proxies, your serialized data (cookie) could be kind of large - >> not really desirable. >> >> On Mon, Sep 15, 2008 at 1:04 PM, Animesh Jain <[EMAIL PROTECTED]> >> wrote: >> > Hi Les >> > >> > Yup all that sounds good, but I was wondering what the "property" >> attribute >> > was for in the jsec:principal tag. Isn't there a way to lets say put the >> > user domain object into the principal. Because the documentation (and >> the >> > tag implemetation) does seem to imply that this is possible. >> jsec:principal >> > would then by default print principalObject.toString(). >> > >> > Animesh >> > >> > On Mon, Sep 15, 2008 at 10:28 PM, Les Hazlewood <[EMAIL PROTECTED]> >> wrote: >> >> >> >> Hi Animesh, >> >> >> >> You can store more than one principal in the PrincipalCollection >> >> returned by the realm. Its just the first one in that collection is, >> >> by convention, the 'primary identifier' of your user (e.g. user id, >> >> username, etc). In your case, this sounds like it is the email >> >> address. But you could add more to the principal collection. >> >> >> >> But that would require you to do this in code: >> >> >> >> Iterator i = subject.getPrincipals().iterator(); >> >> i.next(); //skip the primary one. >> >> String username = (String)i.next(); >> >> >> >> //print out the username. >> >> >> >> Currently the <jsec:principal/> tag does not support anything like >> >> <jsec:principal index="1"/>, which would print out the 2nd principal >> >> in the collection, which it sounds like is what you want. >> >> >> >> If you want this functionality, please open a Jira issue, and we'll be >> >> sure to get it in the next release. >> >> >> >> Also, what a lot of people do is issue a query for that information as >> >> needed: >> >> >> >> String email = subject.getPrincipal(); >> >> String username = userDAO.getUsername( email ); >> >> //print out the username. >> >> >> >> If you have Hibernate 2nd-level caching enabled, and User instances >> >> are in the 2nd-level cache, this won't 'hit' the database. The DAO >> >> implementation would be something like this (if you have 2nd-level >> >> cache enabled): >> >> >> >> User user = hibernateSession.load( User.class, userId ); >> >> return user.getUsername(); >> >> >> >> If you don't have 2nd-level cache enabled for users, you'd have to do a >> >> query: >> >> >> >> "select u.username from User u where u.id = ?"; >> >> >> >> HTH, >> >> >> >> Les >> >> >> >> On Mon, Sep 15, 2008 at 8:19 AM, Animesh Jain <[EMAIL PROTECTED]> >> >> wrote: >> >> > Hi all >> >> > >> >> > I've implemented a custom HibernateRealm by extending the >> >> > AuthorizingRealm >> >> > and things seem to be working pretty good i.e. I'm able to >> login/logout >> >> > users and check roles. >> >> > >> >> > Now, on each of my application screens I'd like to print something >> like >> >> > Hi >> >> > <Name>. But my logins are done using unique emails and so, when I try >> to >> >> > use >> >> > the <jsec:principal/> tag the email gets printed. There's no >> reference >> >> > to >> >> > the user name I have here. How should I go about storing a user >> defined >> >> > principal object here, as I can see the jsec:principal tag also has >> >> > attributes to retrieve values from a property of a principal object. >> In >> >> > my >> >> > case this is a string, how should I set it to something else. >> >> > >> >> > Kind regards >> >> > Animesh >> >> > >> >> > >> > >> > >> > > >
