Announcement Announcement Module
No announcement yet.
Session Management between thick client and server Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • Session Management between thick client and server

    My application is swings based application

    This is my requiement.
    User run the client application, key-in userId and password and click submit.
    at the server-side i check whether userId, password is valid then I want to put userId into session.
    when user tries for another operation then at the server side i will first check whether session userId is not null and perform the action.

    How can I maintain session Management at serverside in spring framework...

    Any help is appreciated..
    Pass me any references.

    Thank You,

  • #2
    Are you trying to integrate with a (Http?)Session solely for security purposes?

    If so, just use the integration already provided in Spring Rich. It authenticates a user's username and password by sending a request across (via a remoting proxy factory) to a server-side Acegi Security processing bean. If the username and password is valid, back goes the list of GrantedAuthority[]s to the Spring Rich client. Spring Rich then sets a local ContextHolder (which is a ThreadLocal object) containing the validated username, password and GrantedAuthority[]s. It also publishes a LoginEvent which is consumed by the curityConfigurer, which sets the username and password on each of application context-defined remoting proxy factories. This then means those remoting proxy factories will present the username and password via BASIC authentication, and again on the server-side Acegi Security handles the automatic integration.

    Check out the Petclinic Rich Client sample, which uses this mechanism in its client-server version. Or if you have other requirements, please feel free to elaborate.


    • #3
      Is simply to do that with Eclipse RCP?

      I use the Eclipse Rich Client and i want to do the same with my Tomcat Server, keep a threadlocal with the credetinals of the current user for accesing the httpinvoker exposed services.

      Before look at the Spring Rich Client code and implement it, i ask if anybody knows some similar (i don't want re-invent the weel).

      Thank in advance



      • #4
        You'd probably do better by posting your question on the Eclipse RCP forums.



        • #5
          Controlling Spring RCP client concurrent sessions?


          I have a Spring RCP client app communicating with POJO services using Spring HttpInvoker. Spring RCP integration with Acegi works nice for me. Now I would like to have some kind of session tracking for controlling concurrent sessions. Specifically, I want to intercept repeated login attempts and provide a choice of either cancelling a login or terminating the previous session. How could I achieve this? Any guidelines would be greatly appreciated (what to extend/configure, where to look, etc.).