You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tapestry.apache.org by Anastasios Angelidis <vo...@videotron.ca> on 2005/02/28 22:44:14 UTC
Tracking login with declerative security.
So I have manged to get friendly URLs working. I also have my security
working. So when a specific URL is accessed, a user is presented with
the basic auth window...
What I would like to do, is once that user has been authed to track that
principal so I can use to query for data realted to that user.
So I figure once the home page of the secured resource is hit, to get
the principal from the servlet context and store it into the Visit object.
This should be done in the init phase of the home page right? Also I
would check that the principal is not null in the Visit object and only
add if it hasn't?
Thanks
---------------------------------------------------------------------
To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
Re: Tracking login with declerative security.
Posted by Matt Raible <li...@raibledesigns.com>.
You could just use request.getRemoteUser() - that'll give you the
username of the logged in user.
Matt
On Feb 28, 2005, at 2:44 PM, Anastasios Angelidis wrote:
> So I have manged to get friendly URLs working. I also have my security
> working. So when a specific URL is accessed, a user is presented with
> the basic auth window...
>
> What I would like to do, is once that user has been authed to track
> that principal so I can use to query for data realted to that user.
>
> So I figure once the home page of the secured resource is hit, to get
> the principal from the servlet context and store it into the Visit
> object.
>
> This should be done in the init phase of the home page right? Also I
> would check that the principal is not null in the Visit object and
> only add if it hasn't?
>
> Thanks
>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
Re: Tracking login with declerative security.
Posted by Anastasios Angelidis <vo...@videotron.ca>.
Ok I see...
I had to add the servlet jar to the build path... Iguess this is an
eclipse bug :|
But shouldn't code complition still show all message signatures anyways?
Anastasios Angelidis wrote:
> Humm I see... at least in eclipse code complition...
>
> String cycle.getRequestContext.getRequestURI()
>
> Paul Ferraro wrote:
>
>> Yup.
>> cycle.getRequestContext().getRequest();
>>
>> Paul
>>
>> Anastasios Angelidis wrote:
>>
>>> Cool the HttpServletRequest is available through what class?
>>>
>>> It's not IRequestCycle is it?
>>>
>>> Paul Ferraro wrote:
>>>
>>>> There is really no reason to store the Principal in your Visit
>>>> object. Once authenticated, HttpServletRequest.getUserPrincipal()
>>>> will return the appropriate value every request.
>>>>
>>>> Paul
>>>>
>>>> Anastasios Angelidis wrote:
>>>>
>>>>> So I have manged to get friendly URLs working. I also have my
>>>>> security working. So when a specific URL is accessed, a user is
>>>>> presented with the basic auth window...
>>>>>
>>>>> What I would like to do, is once that user has been authed to
>>>>> track that principal so I can use to query for data realted to
>>>>> that user.
>>>>>
>>>>> So I figure once the home page of the secured resource is hit, to
>>>>> get the principal from the servlet context and store it into the
>>>>> Visit object.
>>>>>
>>>>> This should be done in the init phase of the home page right? Also
>>>>> I would check that the principal is not null in the Visit object
>>>>> and only add if it hasn't?
>>>>>
>>>>> Thanks
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
>>>>> For additional commands, e-mail:
>>>>> tapestry-user-help@jakarta.apache.org
>>>>>
>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
>>>> For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
>>>>
>>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
>>> For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
>>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
>> For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
Re: Tracking login with declerative security.
Posted by Anastasios Angelidis <vo...@videotron.ca>.
Humm I see... at least in eclipse code complition...
String cycle.getRequestContext.getRequestURI()
Paul Ferraro wrote:
> Yup.
> cycle.getRequestContext().getRequest();
>
> Paul
>
> Anastasios Angelidis wrote:
>
>> Cool the HttpServletRequest is available through what class?
>>
>> It's not IRequestCycle is it?
>>
>> Paul Ferraro wrote:
>>
>>> There is really no reason to store the Principal in your Visit
>>> object. Once authenticated, HttpServletRequest.getUserPrincipal()
>>> will return the appropriate value every request.
>>>
>>> Paul
>>>
>>> Anastasios Angelidis wrote:
>>>
>>>> So I have manged to get friendly URLs working. I also have my
>>>> security working. So when a specific URL is accessed, a user is
>>>> presented with the basic auth window...
>>>>
>>>> What I would like to do, is once that user has been authed to track
>>>> that principal so I can use to query for data realted to that user.
>>>>
>>>> So I figure once the home page of the secured resource is hit, to
>>>> get the principal from the servlet context and store it into the
>>>> Visit object.
>>>>
>>>> This should be done in the init phase of the home page right? Also
>>>> I would check that the principal is not null in the Visit object
>>>> and only add if it hasn't?
>>>>
>>>> Thanks
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
>>>> For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
>>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
>>> For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
>>>
>>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
>> For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
Re: Tracking login with declerative security.
Posted by Paul Ferraro <pm...@columbia.edu>.
Yup.
cycle.getRequestContext().getRequest();
Paul
Anastasios Angelidis wrote:
> Cool the HttpServletRequest is available through what class?
>
> It's not IRequestCycle is it?
>
> Paul Ferraro wrote:
>
>> There is really no reason to store the Principal in your Visit
>> object. Once authenticated, HttpServletRequest.getUserPrincipal()
>> will return the appropriate value every request.
>>
>> Paul
>>
>> Anastasios Angelidis wrote:
>>
>>> So I have manged to get friendly URLs working. I also have my
>>> security working. So when a specific URL is accessed, a user is
>>> presented with the basic auth window...
>>>
>>> What I would like to do, is once that user has been authed to track
>>> that principal so I can use to query for data realted to that user.
>>>
>>> So I figure once the home page of the secured resource is hit, to
>>> get the principal from the servlet context and store it into the
>>> Visit object.
>>>
>>> This should be done in the init phase of the home page right? Also I
>>> would check that the principal is not null in the Visit object and
>>> only add if it hasn't?
>>>
>>> Thanks
>>>
>>>
>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
>>> For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
>>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
>> For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
Re: Tracking login with declerative security.
Posted by Anastasios Angelidis <vo...@videotron.ca>.
Cool the HttpServletRequest is available through what class?
It's not IRequestCycle is it?
Paul Ferraro wrote:
> There is really no reason to store the Principal in your Visit object.
> Once authenticated, HttpServletRequest.getUserPrincipal() will return
> the appropriate value every request.
>
> Paul
>
> Anastasios Angelidis wrote:
>
>> So I have manged to get friendly URLs working. I also have my
>> security working. So when a specific URL is accessed, a user is
>> presented with the basic auth window...
>>
>> What I would like to do, is once that user has been authed to track
>> that principal so I can use to query for data realted to that user.
>>
>> So I figure once the home page of the secured resource is hit, to get
>> the principal from the servlet context and store it into the Visit
>> object.
>>
>> This should be done in the init phase of the home page right? Also I
>> would check that the principal is not null in the Visit object and
>> only add if it hasn't?
>>
>> Thanks
>>
>>
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
>> For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
Re: Tracking login with declerative security.
Posted by Paul Ferraro <pm...@columbia.edu>.
There is really no reason to store the Principal in your Visit object.
Once authenticated, HttpServletRequest.getUserPrincipal() will return
the appropriate value every request.
Paul
Anastasios Angelidis wrote:
> So I have manged to get friendly URLs working. I also have my security
> working. So when a specific URL is accessed, a user is presented with
> the basic auth window...
>
> What I would like to do, is once that user has been authed to track
> that principal so I can use to query for data realted to that user.
>
> So I figure once the home page of the secured resource is hit, to get
> the principal from the servlet context and store it into the Visit
> object.
>
> This should be done in the init phase of the home page right? Also I
> would check that the principal is not null in the Visit object and
> only add if it hasn't?
>
> Thanks
>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tapestry-user-help@jakarta.apache.org