Thanks David . As i am newbie i would appreciate a snippet code on how to place the authentication object into a ThreadLocal object so that its available to Spring layer w/o any runtime binding
Here is what i am doing currently The Homegrown security application on successful authentication returns Request Header Variables i.e. userId which i retrieve thru FaceContext in JSF backing bean i.e. LoginBean, based on which i retrieve user roles from the database. As a next step, i wrap user Id and user roles into Http Session object and pass it on as argument to business method in Spring Regards Bansi Nebinger, David wrote: > >> Thanks Everyone for providing valuable suggestions We >> usein-house Security system which gives employee Id and >> Roles on successful authentication. We need to store >> employee Id &Roles into some kind of object maybe session so >> that it can be accessible by any Spring bean in the business layer. >> David i totally agree with you that i should rethink my >> design . Not sure whats the best practice to pass user info >> viz. user Id , user Roles , privileges etc from JSF to Spring. >> Are you refering to POJO instead of session object for >> wrapping userId and roles. Thats a good idea even i thought >> about BUT users will have different session objects with >> their user Info in it and also we want the Lifecycle of the >> object to be under session i.e. as the session terminates the >> object should be destroyed > > Well, I guess an option here is to mimic what acegi would do; place the > authentication object into a ThreadLocal object. That way it is > available to any layer w/o requiring any runtime binding... > > > -- View this message in context: http://www.nabble.com/How-to-Share-Session-between-JSF%28MyFaces%29-and-Spring-tf3772789.html#a10687416 Sent from the MyFaces - Users mailing list archive at Nabble.com.
