Hi,
I'll also prefer a J2EE security model over a login bean.
For page authorization you may take a look at new SecurityContext.
http://wiki.apache.org/myfaces/SecurityContext
Regards,
Cagatay
On 12/7/06, ::SammyRulez:: <[EMAIL PROTECTED]> wrote:
I use standard j2ee security model. on tomcat jsbce realms works fine
when you want to know the username just
FacesContext.getCurrentInstance
().getExternalContext().getUserPrincipal().getName()
and tomahawk components has a lot of visibleOnUserRole attribute that
allows you to forgot about permissions in your business code...
2006/12/7, [EMAIL PROTECTED] <[EMAIL PROTECTED]>:
> Hi,
> I'm wondering what solution for that you got boys:
> - how should I pass the password and the user login through
> beans, as I need both of them to retrieve data form database.
>
> Is good enough to have loginBean.java and then on each bean which
> needs connect to db do something like:
> FacesContext context = FacesContext.getCurrentInstance();
> ValueBinding vb =
> context.getApplication().createValueBinding("#{loginBean}");
>
> u = ((UserBean) vb.getValue(context));
> userName = u.getLoginName();
> passwd = u.getPasswd();
>
> Or better solution will be put user and password to the session
like:
> FacesContext fc = FacesContext.getCurrentInstance();
> HttpSession session = (HttpSession)
> fc.getExternalContext().getSession(false);
> session.setAttribute("USER", loginName);
> and then retrieve it when necessery:
> HttpSession session = (HttpSession)
> context.getExternalContext().getSession(false);
> session.getAttribute("USER");
>
> Thanks for any suggestion!
>
> Tomek
>
--
::SammyRulez::
http://www.kyub.com/blog/
-----------------------------------------------------------------
La programmazione รจ per un terzo interpretazione e per due terzi
ispirazione.
E per un terzo mistificazione
