• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

How to save the login ID as a session attribute ?

 
Ranch Hand
Posts: 188
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I am using form-based authentication in a web application which is being deployed on a JBoss 3.2.3 server. I am authenticating against an Oracle database by way of a DatabaseServerLoginModule (JAAS).
I would like to save the user's login ID as a session attribute in order to be able to use it later in the application.
It's not obvious how you can capture this information and add it to the session, since it seems that the login ID is lost once the authentication is done by j_security_check process.
Is there some way to tell the servlet container to save the login ID as a session attribute as part of the j_security_check process (something along the lines of "if the authentication succeeds add the login ID as an attribute to the session") ?
Is there another approach ? What is the accepted "best practice" for doing session initialization after authentication ? For example if a user needs to have several attributes set in their session after login -- how is this handled ? I have done this before with a login servlet which did both the authentication and the session initialization, but when using form-based authentication and j_security_check it's not clear to me how you go from the authentication to the initialization logic.
Thanks in advance for any suggestions or insight.

-James
 
Rancher
Posts: 13459
Android Eclipse IDE Ubuntu
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You are refering to the login name the user authenticated against? It is automatically available as request.getRemoteUser()
It is also available as request.getUserPrnciple().getName()
 
James Adams
Ranch Hand
Posts: 188
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks, this is exactly what I needed.
-James
 
Eliminate 95% of the weeds in your lawn by mowing 3 inches or higher. Then plant tiny ads:
a bit of art, as a gift, the permaculture playing cards
https://gardener-gift.com
reply
    Bookmark Topic Watch Topic
  • New Topic