You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@turbine.apache.org by "Diethelm Guallar, Gonzalo" <Go...@sonda.com> on 2001/08/16 21:52:41 UTC
Changing SessionValidator
I need to force a Turbine app to forget about checking
the user against the Turbine DB; in fact, the user will
NOT exist in that DB, and it will be validated by an
external process. To accomplish this, I plan to change
the SessionValidator to do basically this:
public class MySessionValidator extends TemplateSessionValidator
{
public void doPerform( RunData data ) throws Exception
{
data.setUser(TurbineSecurity.getAnonymousUser());
data.save();
}
}
Is this the right approach? Can anybody point any potential
pitfalls with this approach?
--
Gonzalo A. Diethelm
gonzalo.diethelm@sonda.com
---------------------------------------------------------------------
To unsubscribe, e-mail: turbine-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: turbine-dev-help@jakarta.apache.org
Re: Changing SessionValidator
Posted by Jon Stevens <jo...@latchkey.com>.
on 8/16/01 12:52 PM, "Diethelm Guallar, Gonzalo"
<Go...@sonda.com> wrote:
> I need to force a Turbine app to forget about checking
> the user against the Turbine DB; in fact, the user will
> NOT exist in that DB, and it will be validated by an
> external process. To accomplish this, I plan to change
> the SessionValidator to do basically this:
>
> public class MySessionValidator extends TemplateSessionValidator
> {
> public void doPerform( RunData data ) throws Exception
> {
> data.setUser(TurbineSecurity.getAnonymousUser());
> data.save();
> }
> }
>
> Is this the right approach? Can anybody point any potential
> pitfalls with this appro
That will not do any user creation/validation for you though.
You should implement your own SecurityService who does the validation
against whatever you need. Look at how DBSecurityService and
LDAPSecurityService are implemented.
-jon
---------------------------------------------------------------------
To unsubscribe, e-mail: turbine-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: turbine-dev-help@jakarta.apache.org