Re: Wasp/Swarm: change LoginContext in Session

Wed, 11 Jun 2008 05:25:07 -0700 

Didn't we use custom actions for those locations?
A user could have global or location permissions, right?

In that case the permissions would be the same for each location. The
only difference would be in the fact that the user has or does not
have a location. which is checked by your securitychecks.

So i don't really see why you would require a new set of permissions.

However if you must :)
By default a logincontext blocks additional logins, but you can change
that (constructor flag), you can then login again using another
logincontext. Your user now has the combined permissions of both
logincontexts, which in your case is not what you want but you can do
a logoff of the first logincontext. As long as there is a logincontext
active the session won't be destroyed.

Maurice

On Wed, Jun 11, 2008 at 12:33 PM, Andrea Jahn
<[EMAIL PROTECTED]> wrote:
> Hi,
>
> in our application the user's rights depend on the location (Munich,
> Berlin,...).
> There's a drop down choice, where the user can change the location, on which
> he wants to work.
>
> So, when he changes the location, also the principals (permissions) have to
> be changed.
>
> How can I remove the old principals and add new ones within the same session
> ?
>
> Is it possible to remove the LoginContext from the session and add a new one
> ?
>
> Thanks
> Andrea
>
>
>
> ApplLoginContext:
> -----------------------
>
> public class ApplLoginContext extends LoginContext
> {
>  ...
>  public final Subject login() throws LoginException
>  {
>     ...
>  DefaultSubject subject = new DefaultSubject ();
>  ...
>  // grant principals
>  subject.addPrincipal(new SimplePrincipal("TEST_ADMIN"));
>
>  return subject;
>  }
> }
>
> Login.java:
> --------------
>
> public class Login extends AppBasePage
> {
>  ...
>  public class LoginForm extends Form
>  {
>  ...
>  public void onSubmit()
>  {
>   ...
>   // add principals of logged in user to the context
>   ApplLoginContext context = new ApplLoginContext(loggedInPerson);
>   try
>   {
>     ((WaspSession)getSession()).login(context);
>   }
>   catch (LoginException e)
>   {
>    ...
>   }
>  }
>  }
> }
>

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to