[jboss-user] [EJB 3.0] - Re: Storing user info on server

[jwcone]

"roeladriaensens" wrote : What about simply using a custom principal on server side, one that contains your user information?
I considered this, but didn't pursue it because it seemed like I would be using the Principal for a purpose it wasn't really intended for.  That is, for some types of user information (e.g. a SSN), a custom Principal is appropriate.  However, I'm also talking about a more variable, cache-like approach (e.g. storing the currently active account that's being accessed, or a list of account codes the authenticated user is allowed to access -- in my project, a user can access multiple "accounts" which correspond to different database resources, among other things).  

I guess it would still work.  I haven't created a custom Principal, before, though.  If I were to do this, would I have any difficulty using the custom Principal as a cache that could be read and written to at run-time (e.g. if the authenticated user changed to a different active account, for example).


View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4135029#4135029

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4135029