[jboss-user] [Security & JAAS/JBoss] - Re: Adding data to session after login

[pander]

Hi j2ee_junkie,

Yes, thanks for that. I had come to the same conclusion a little while ago now. I have indeed settled for my original idea which is to populate some beans via a database query during the login process. i.e. If the user has logged in successfully then I query the database and then put the populated beans in the session for future use.

'anavailablename', if you are still stuck with what to do you could always try this:

public class DBLoginModule extends DatabaseServerLoginModule {
  | 
  | 	/** The JACC PolicyContext key for the current Subject */
  | 	public static final String WEB_REQUEST_KEY = "javax.servlet.http.HttpServletRequest";
  | 	
  | 	public boolean login() throws LoginException {
  | 				
  | 		boolean loginAccepted = super.login();
  | 
  | 		if(loginAccepted) {
  | 
  | 	        HttpServletRequest request = null;
  | 			HttpSession session = null;
  | 			try {
  | 			    request = (HttpServletRequest) PolicyContext.getContext(WEB_REQUEST_KEY);
  | 			    session = ((HttpServletRequest) request).getSession(true);
  | 	 	    } catch(PolicyContextException e) {
  | 	 	    	log.error("Unable to retrieve Policy Context: "+e.getMessage());
  | 				e.printStackTrace();
  | 				return false;
  | 	 	    }
  | 	 	    
  | 	 	    // make your database queries here and populate beans
  | 	 	    
  | 	 	    // add to session
  | 	 	    
  | 	 	    // NB: if you need to due to errors or other problems you can always revoke
  | 	 	    //     the login at any point by setting loginAccepted to false.
  | 	 	    
  | 	 	}
  | 	 	
  | 	 	return loginAccepted;
  | 	}
  | }


View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3957715#3957715

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3957715