RE: Best strategy for adding a user object to the session

Tue, 03 Sep 2002 04:48:49 -0700 

I'm using container managed security, so I don't have a login action! ;)


I just finished implementing it by subclassing the TilesRequestProcessor
class and it seems to be working just fine:

  protected boolean processPreprocess(HttpServletRequest request,
                                        HttpServletResponse response) {
    if(request.getSession().getAttribute("user") == null) {
      loadUser(request.getSession(), request.getRemoteUser());
    }
    return true;
  }

  private void loadUser(HttpSession session, String userid) {
    User user = UserDAO.getInstance().getInstance().getUser(userid);
    if(user != null) {
      session.setAttribute("user", user);
    } else {
      log.fatal("User " + userid + " is authenticated but is not in the
database!");
    }
  }



> -----Original Message-----
> From: Robert Taylor [mailto:[EMAIL PROTECTED]] 
> Sent: Tuesday, September 03, 2002 1:55 PM
> To: Struts Users Mailing List
> Subject: RE: Best strategy for adding a user object to the session
> 
> 
> Why not put it (the code/logic/delegate) in the Action class 
> which supports the login request?
> 
> Something like:
> 
> -submit request to login
> -capture login credentials
> -authenticate against the database
> -retrieve user info
> -place user info in session
> 
> robert
> 
> 
> 
> > -----Original Message-----
> > From: Michael [mailto:[EMAIL PROTECTED]]
> > Sent: Tuesday, September 03, 2002 7:28 AM
> > To: Struts Users Mailing List
> > Subject: Best strategy for adding a user object to the session
> >
> >
> > I want to add a user object (that I create with information from the
> > database) to the session as soon as a user logs in.  I 
> don't want to 
> > add code to each action subclass to do this, so my question 
> is where 
> > is the best place to put it?  It sounds like subclassing the Struts 
> > RequestProcessor is the way to go.  Is this the best way?
> >
> > Michael
> >
> >
> > --
> > To unsubscribe, e-mail: 
> > <mailto:[EMAIL PROTECTED]>
> > For additional commands, e-mail: 
> > <mailto:[EMAIL PROTECTED]>
> >
> 
> 
> --
> To unsubscribe, e-mail:   
> <mailto:struts-user-> [EMAIL PROTECTED]>
> For 
> additional commands, 
> e-mail: <mailto:[EMAIL PROTECTED]>
> 


--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Reply via email to