Announcement Announcement Module
Collapse
No announcement yet.
set value to an interceptor Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • set value to an interceptor

    hi

    i use a spring interceptor

    Part 1
    Code:
    ApplicationContext context = new ClassPathXmlApplicationContext(new String[]{"applicationContext.xml"});
    UserFacade user = (UserFacade) context.getBean("interceptedService");
    Part 2 - config xml
    Code:
    <bean id="securityInterceptor" class="test.logic.UserValidationImpl">
        <property name="userImpl" ref="odUserDao"/>
    </bean>
        
    <bean id="interceptedService" class="org.springframework.aop.framework.ProxyFactoryBean">
        <property name="target">
            <ref bean="odUserDao"/>
        </property>
        <property name="interceptorNames">
            <list>
                <value>securityInterceptor</value>
            </list>
        </property>
    </bean>
    in UserValidationImpl, i have a variable named currentUser
    in part 1, how can i affect a value to this variable ?
    does i need to add something in the part 2 (xml config)?


    thanks
    Last edited by robert_trudel; May 28th, 2008, 04:27 PM.

  • #2
    You will at least have to figure out a way to retrieve the currentUser. I would set it in a ServletFilter (if you are in a web app), put it in a ThreadLocal and retrieve it from the threadlocal prior to use in your UserValidationImpl. (Although I'm not sure what you are doing there and why you do it this way...).

    Comment


    • #3
      before to execute some method, i would like to check if the user have the right to do it

      if you have a better way to do it... i'm open

      Comment


      • #4
        if you have a better way to do it... i'm open
        Spring Security already has al the stuff needed for this, you might want to check that out instead of creating your own security solution.

        before to execute some method, i would like to check if the user have the right to do it
        I was mislead by the name of your class, I would expet it to validate the user, not do a security check.

        If you don't want to use Spring Security you still need access to your current user, as stated in my previous answer. Put it in a ThreadLocal on each incoming request (I assume the user is stored in the Session or at least you have the means to retrieve it), and retrieve it from there when you need it. Spring Security uses the same approach.

        Comment

        Working...
        X