You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@wicket.apache.org by Andrea Jahn <an...@googlemail.com> on 2008/06/11 12:33:17 UTC
Wasp/Swarm: change LoginContext in Session
Hi,
in our application the user's rights depend on the location (Munich,
Berlin,...).
There's a drop down choice, where the user can change the location, on which
he wants to work.
So, when he changes the location, also the principals (permissions) have to
be changed.
How can I remove the old principals and add new ones within the same session
?
Is it possible to remove the LoginContext from the session and add a new one
?
Thanks
Andrea
ApplLoginContext:
-----------------------
public class ApplLoginContext extends LoginContext
{
...
public final Subject login() throws LoginException
{
...
DefaultSubject subject = new DefaultSubject ();
...
// grant principals
subject.addPrincipal(new SimplePrincipal("TEST_ADMIN"));
return subject;
}
}
Login.java:
--------------
public class Login extends AppBasePage
{
...
public class LoginForm extends Form
{
...
public void onSubmit()
{
...
// add principals of logged in user to the context
ApplLoginContext context = new ApplLoginContext(loggedInPerson);
try
{
((WaspSession)getSession()).login(context);
}
catch (LoginException e)
{
...
}
}
}
}
Re: Wasp/Swarm: change LoginContext in Session
Posted by Maurice Marrink <ma...@gmail.com>.
Why the dummy? it should work with 2 contexts just as well.
Maurice
On Wed, Jun 11, 2008 at 4:11 PM, Andrea Jahn <an...@googlemail.com> wrote:
> Yes, I have different permissions for the locations. The user can have
> different
> roles for each location and each role has different permissions.
>
> Now I made a dummy LoginContext class and for changing the LoginContext
> I first add the dummy LoginContext, then delete the old LoginContext,
> then add the new LoginContext and after that I delete the dummy
> LoginContext.
>
> This works, thank you
>
> I think I could add the DummyLoginContext, when the user is logging in.
> When the user is changing the location selection, I only would have to
> logoff for the
> old ApplLoginContext and login again for the new ApplLoginContext.
>
> Andrea
>
>
> // dummy
> DummyLoginContext context2 = new DummyLoginContext(loggedInPerson);
> ((WaspSession)session).login(context2);
>
> // destroy the old context
> ((WaspSession)session).logoff(new ApplLoginContext());
>
> // add new context to session
> ApplLoginContext context = new ApplLoginContext(loggedInPerson);
> ((WaspSession)session).login(context);
>
> // destroy the dummy context
> ((WaspSession)session).logoff(new DummyLoginContext());
>
> -------
> 2008/6/11, Maurice Marrink <ma...@gmail.com>:
>>
>> Didn't we use custom actions for those locations?
>> A user could have global or location permissions, right?
>>
>> In that case the permissions would be the same for each location. The
>> only difference would be in the fact that the user has or does not
>> have a location. which is checked by your securitychecks.
>>
>> So i don't really see why you would require a new set of permissions.
>>
>> However if you must :)
>> By default a logincontext blocks additional logins, but you can change
>> that (constructor flag), you can then login again using another
>> logincontext. Your user now has the combined permissions of both
>> logincontexts, which in your case is not what you want but you can do
>> a logoff of the first logincontext. As long as there is a logincontext
>> active the session won't be destroyed.
>>
>> Maurice
>>
>> On Wed, Jun 11, 2008 at 12:33 PM, Andrea Jahn
>> <an...@googlemail.com> wrote:
>> > Hi,
>> >
>> > in our application the user's rights depend on the location (Munich,
>> > Berlin,...).
>> > There's a drop down choice, where the user can change the location, on
>> which
>> > he wants to work.
>> >
>> > So, when he changes the location, also the principals (permissions) have
>> to
>> > be changed.
>> >
>> > How can I remove the old principals and add new ones within the same
>> session
>> > ?
>> >
>> > Is it possible to remove the LoginContext from the session and add a new
>> one
>> > ?
>> >
>> > Thanks
>> > Andrea
>> >
>> >
>> >
>> > ApplLoginContext:
>> > -----------------------
>> >
>> > public class ApplLoginContext extends LoginContext
>> > {
>> > ...
>> > public final Subject login() throws LoginException
>> > {
>> > ...
>> > DefaultSubject subject = new DefaultSubject ();
>> > ...
>> > // grant principals
>> > subject.addPrincipal(new SimplePrincipal("TEST_ADMIN"));
>> >
>> > return subject;
>> > }
>> > }
>> >
>> > Login.java:
>> > --------------
>> >
>> > public class Login extends AppBasePage
>> > {
>> > ...
>> > public class LoginForm extends Form
>> > {
>> > ...
>> > public void onSubmit()
>> > {
>> > ...
>> > // add principals of logged in user to the context
>> > ApplLoginContext context = new ApplLoginContext(loggedInPerson);
>> > try
>> > {
>> > ((WaspSession)getSession()).login(context);
>> > }
>> > catch (LoginException e)
>> > {
>> > ...
>> > }
>> > }
>> > }
>> > }
>> >
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
>> For additional commands, e-mail: users-help@wicket.apache.org
>>
>>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org
Re: Wasp/Swarm: change LoginContext in Session
Posted by Andrea Jahn <an...@googlemail.com>.
Yes, I have different permissions for the locations. The user can have
different
roles for each location and each role has different permissions.
Now I made a dummy LoginContext class and for changing the LoginContext
I first add the dummy LoginContext, then delete the old LoginContext,
then add the new LoginContext and after that I delete the dummy
LoginContext.
This works, thank you
I think I could add the DummyLoginContext, when the user is logging in.
When the user is changing the location selection, I only would have to
logoff for the
old ApplLoginContext and login again for the new ApplLoginContext.
Andrea
// dummy
DummyLoginContext context2 = new DummyLoginContext(loggedInPerson);
((WaspSession)session).login(context2);
// destroy the old context
((WaspSession)session).logoff(new ApplLoginContext());
// add new context to session
ApplLoginContext context = new ApplLoginContext(loggedInPerson);
((WaspSession)session).login(context);
// destroy the dummy context
((WaspSession)session).logoff(new DummyLoginContext());
-------
2008/6/11, Maurice Marrink <ma...@gmail.com>:
>
> Didn't we use custom actions for those locations?
> A user could have global or location permissions, right?
>
> In that case the permissions would be the same for each location. The
> only difference would be in the fact that the user has or does not
> have a location. which is checked by your securitychecks.
>
> So i don't really see why you would require a new set of permissions.
>
> However if you must :)
> By default a logincontext blocks additional logins, but you can change
> that (constructor flag), you can then login again using another
> logincontext. Your user now has the combined permissions of both
> logincontexts, which in your case is not what you want but you can do
> a logoff of the first logincontext. As long as there is a logincontext
> active the session won't be destroyed.
>
> Maurice
>
> On Wed, Jun 11, 2008 at 12:33 PM, Andrea Jahn
> <an...@googlemail.com> wrote:
> > Hi,
> >
> > in our application the user's rights depend on the location (Munich,
> > Berlin,...).
> > There's a drop down choice, where the user can change the location, on
> which
> > he wants to work.
> >
> > So, when he changes the location, also the principals (permissions) have
> to
> > be changed.
> >
> > How can I remove the old principals and add new ones within the same
> session
> > ?
> >
> > Is it possible to remove the LoginContext from the session and add a new
> one
> > ?
> >
> > Thanks
> > Andrea
> >
> >
> >
> > ApplLoginContext:
> > -----------------------
> >
> > public class ApplLoginContext extends LoginContext
> > {
> > ...
> > public final Subject login() throws LoginException
> > {
> > ...
> > DefaultSubject subject = new DefaultSubject ();
> > ...
> > // grant principals
> > subject.addPrincipal(new SimplePrincipal("TEST_ADMIN"));
> >
> > return subject;
> > }
> > }
> >
> > Login.java:
> > --------------
> >
> > public class Login extends AppBasePage
> > {
> > ...
> > public class LoginForm extends Form
> > {
> > ...
> > public void onSubmit()
> > {
> > ...
> > // add principals of logged in user to the context
> > ApplLoginContext context = new ApplLoginContext(loggedInPerson);
> > try
> > {
> > ((WaspSession)getSession()).login(context);
> > }
> > catch (LoginException e)
> > {
> > ...
> > }
> > }
> > }
> > }
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
> For additional commands, e-mail: users-help@wicket.apache.org
>
>
Re: Wasp/Swarm: change LoginContext in Session
Posted by Maurice Marrink <ma...@gmail.com>.
Didn't we use custom actions for those locations?
A user could have global or location permissions, right?
In that case the permissions would be the same for each location. The
only difference would be in the fact that the user has or does not
have a location. which is checked by your securitychecks.
So i don't really see why you would require a new set of permissions.
However if you must :)
By default a logincontext blocks additional logins, but you can change
that (constructor flag), you can then login again using another
logincontext. Your user now has the combined permissions of both
logincontexts, which in your case is not what you want but you can do
a logoff of the first logincontext. As long as there is a logincontext
active the session won't be destroyed.
Maurice
On Wed, Jun 11, 2008 at 12:33 PM, Andrea Jahn
<an...@googlemail.com> wrote:
> Hi,
>
> in our application the user's rights depend on the location (Munich,
> Berlin,...).
> There's a drop down choice, where the user can change the location, on which
> he wants to work.
>
> So, when he changes the location, also the principals (permissions) have to
> be changed.
>
> How can I remove the old principals and add new ones within the same session
> ?
>
> Is it possible to remove the LoginContext from the session and add a new one
> ?
>
> Thanks
> Andrea
>
>
>
> ApplLoginContext:
> -----------------------
>
> public class ApplLoginContext extends LoginContext
> {
> ...
> public final Subject login() throws LoginException
> {
> ...
> DefaultSubject subject = new DefaultSubject ();
> ...
> // grant principals
> subject.addPrincipal(new SimplePrincipal("TEST_ADMIN"));
>
> return subject;
> }
> }
>
> Login.java:
> --------------
>
> public class Login extends AppBasePage
> {
> ...
> public class LoginForm extends Form
> {
> ...
> public void onSubmit()
> {
> ...
> // add principals of logged in user to the context
> ApplLoginContext context = new ApplLoginContext(loggedInPerson);
> try
> {
> ((WaspSession)getSession()).login(context);
> }
> catch (LoginException e)
> {
> ...
> }
> }
> }
> }
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org