You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tapestry.apache.org by Anastasios Angelidis <vo...@videotron.ca> on 2005/02/28 22:44:14 UTC

Tracking login with declerative security.

So I have manged to get friendly URLs working. I also have my security 
working. So when a specific URL is accessed, a user is presented with 
the basic auth window...

What I would like to do, is once that user has been authed to track that 
principal so I can use to query for data realted to that user.

So I figure once the home page of the secured resource is hit, to get 
the principal from the servlet context and store it into the Visit object.

This should be done in the init phase of the home page right? Also I 
would check that the principal is not null in the Visit object and only 
add if it hasn't?

Thanks





---------------------------------------------------------------------
To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tapestry-user-help@jakarta.apache.org

Re: Tracking login with declerative security.

Posted by Matt Raible <li...@raibledesigns.com>.

You could just use request.getRemoteUser() - that'll give you the 
username of the logged in user.

Matt

On Feb 28, 2005, at 2:44 PM, Anastasios Angelidis wrote:

> So I have manged to get friendly URLs working. I also have my security 
> working. So when a specific URL is accessed, a user is presented with 
> the basic auth window...
>
> What I would like to do, is once that user has been authed to track 
> that principal so I can use to query for data realted to that user.
>
> So I figure once the home page of the secured resource is hit, to get 
> the principal from the servlet context and store it into the Visit 
> object.
>
> This should be done in the init phase of the home page right? Also I 
> would check that the principal is not null in the Visit object and 
> only add if it hasn't?
>
> Thanks
>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tapestry-user-help@jakarta.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tapestry-user-help@jakarta.apache.org

Re: Tracking login with declerative security.

Posted by Anastasios Angelidis <vo...@videotron.ca>.

Ok I see...

I had to add the servlet jar to the build path... Iguess this is an 
eclipse bug :|

But shouldn't code complition still show all message signatures anyways?


Anastasios Angelidis wrote:

> Humm I see... at least in eclipse code complition...
>
> String cycle.getRequestContext.getRequestURI()
>
> Paul Ferraro wrote:
>
>> Yup.
>> cycle.getRequestContext().getRequest();
>>
>> Paul
>>
>> Anastasios Angelidis wrote:
>>
>>> Cool the HttpServletRequest is available through what class?
>>>
>>> It's not IRequestCycle is it?
>>>
>>> Paul Ferraro wrote:
>>>
>>>> There is really no reason to store the Principal in your Visit 
>>>> object. Once authenticated, HttpServletRequest.getUserPrincipal() 
>>>> will return the appropriate value every request.
>>>>
>>>> Paul
>>>>
>>>> Anastasios Angelidis wrote:
>>>>
>>>>> So I have manged to get friendly URLs working. I also have my 
>>>>> security working. So when a specific URL is accessed, a user is 
>>>>> presented with the basic auth window...
>>>>>
>>>>> What I would like to do, is once that user has been authed to 
>>>>> track that principal so I can use to query for data realted to 
>>>>> that user.
>>>>>
>>>>> So I figure once the home page of the secured resource is hit, to 
>>>>> get the principal from the servlet context and store it into the 
>>>>> Visit object.
>>>>>
>>>>> This should be done in the init phase of the home page right? Also 
>>>>> I would check that the principal is not null in the Visit object 
>>>>> and only add if it hasn't?
>>>>>
>>>>> Thanks
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
>>>>> For additional commands, e-mail: 
>>>>> tapestry-user-help@jakarta.apache.org
>>>>>
>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
>>>> For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
>>>>
>>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
>>> For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
>>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
>> For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
>
>


---------------------------------------------------------------------
To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tapestry-user-help@jakarta.apache.org

Re: Tracking login with declerative security.

Posted by Anastasios Angelidis <vo...@videotron.ca>.

Humm I see... at least in eclipse code complition...

String cycle.getRequestContext.getRequestURI()

Paul Ferraro wrote:

> Yup.
> cycle.getRequestContext().getRequest();
>
> Paul
>
> Anastasios Angelidis wrote:
>
>> Cool the HttpServletRequest is available through what class?
>>
>> It's not IRequestCycle is it?
>>
>> Paul Ferraro wrote:
>>
>>> There is really no reason to store the Principal in your Visit 
>>> object. Once authenticated, HttpServletRequest.getUserPrincipal() 
>>> will return the appropriate value every request.
>>>
>>> Paul
>>>
>>> Anastasios Angelidis wrote:
>>>
>>>> So I have manged to get friendly URLs working. I also have my 
>>>> security working. So when a specific URL is accessed, a user is 
>>>> presented with the basic auth window...
>>>>
>>>> What I would like to do, is once that user has been authed to track 
>>>> that principal so I can use to query for data realted to that user.
>>>>
>>>> So I figure once the home page of the secured resource is hit, to 
>>>> get the principal from the servlet context and store it into the 
>>>> Visit object.
>>>>
>>>> This should be done in the init phase of the home page right? Also 
>>>> I would check that the principal is not null in the Visit object 
>>>> and only add if it hasn't?
>>>>
>>>> Thanks
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
>>>> For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
>>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
>>> For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
>>>
>>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
>> For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
>
>


---------------------------------------------------------------------
To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tapestry-user-help@jakarta.apache.org

Re: Tracking login with declerative security.

Posted by Paul Ferraro <pm...@columbia.edu>.

Yup.
cycle.getRequestContext().getRequest();

Paul

Anastasios Angelidis wrote:

> Cool the HttpServletRequest is available through what class?
>
> It's not IRequestCycle is it?
>
> Paul Ferraro wrote:
>
>> There is really no reason to store the Principal in your Visit 
>> object. Once authenticated, HttpServletRequest.getUserPrincipal() 
>> will return the appropriate value every request.
>>
>> Paul
>>
>> Anastasios Angelidis wrote:
>>
>>> So I have manged to get friendly URLs working. I also have my 
>>> security working. So when a specific URL is accessed, a user is 
>>> presented with the basic auth window...
>>>
>>> What I would like to do, is once that user has been authed to track 
>>> that principal so I can use to query for data realted to that user.
>>>
>>> So I figure once the home page of the secured resource is hit, to 
>>> get the principal from the servlet context and store it into the 
>>> Visit object.
>>>
>>> This should be done in the init phase of the home page right? Also I 
>>> would check that the principal is not null in the Visit object and 
>>> only add if it hasn't?
>>>
>>> Thanks
>>>
>>>
>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
>>> For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
>>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
>> For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
>


---------------------------------------------------------------------
To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tapestry-user-help@jakarta.apache.org

Re: Tracking login with declerative security.

Posted by Anastasios Angelidis <vo...@videotron.ca>.

Cool the HttpServletRequest is available through what class?

It's not IRequestCycle is it?

Paul Ferraro wrote:

> There is really no reason to store the Principal in your Visit object. 
> Once authenticated, HttpServletRequest.getUserPrincipal() will return 
> the appropriate value every request.
>
> Paul
>
> Anastasios Angelidis wrote:
>
>> So I have manged to get friendly URLs working. I also have my 
>> security working. So when a specific URL is accessed, a user is 
>> presented with the basic auth window...
>>
>> What I would like to do, is once that user has been authed to track 
>> that principal so I can use to query for data realted to that user.
>>
>> So I figure once the home page of the secured resource is hit, to get 
>> the principal from the servlet context and store it into the Visit 
>> object.
>>
>> This should be done in the init phase of the home page right? Also I 
>> would check that the principal is not null in the Visit object and 
>> only add if it hasn't?
>>
>> Thanks
>>
>>
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
>> For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
>
>


---------------------------------------------------------------------
To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tapestry-user-help@jakarta.apache.org

Re: Tracking login with declerative security.

Posted by Paul Ferraro <pm...@columbia.edu>.

There is really no reason to store the Principal in your Visit object. 
Once authenticated, HttpServletRequest.getUserPrincipal() will return 
the appropriate value every request.

Paul

Anastasios Angelidis wrote:

> So I have manged to get friendly URLs working. I also have my security 
> working. So when a specific URL is accessed, a user is presented with 
> the basic auth window...
>
> What I would like to do, is once that user has been authed to track 
> that principal so I can use to query for data realted to that user.
>
> So I figure once the home page of the secured resource is hit, to get 
> the principal from the servlet context and store it into the Visit 
> object.
>
> This should be done in the init phase of the home page right? Also I 
> would check that the principal is not null in the Visit object and 
> only add if it hasn't?
>
> Thanks
>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
>


---------------------------------------------------------------------
To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tapestry-user-help@jakarta.apache.org