Announcement Announcement Module
Collapse
No announcement yet.
Common question? Auditing... Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Common question? Auditing...

    I'm planning to create some Audit logging Aspects for my project (Spring/hibernate/acegi).

    I have a filter that checks for the Acegi credential in the Session scope. If so I retrieve an instance of my own User class and store it in the Session for later use.

    Now for implementing the Audit aspect I need these credential objects.

    Is it possible to store the Acegi user credential (or my own User object) in the Spring Context and retrieve it from my Aspect or is there another way do to this?
    Another option is to give the User object as a method parameter on each method in the Service layer, but this is against the beauty of AOP, no?

    Any help much appreciated.

  • #2
    May be I didn't get it. But I don't see a compelling reason to store acegi credentials on the userinfo object. It's all in the session so the credentials can be used anytime by the AOP.

    Comment


    • #3
      Originally posted by neeraj_cmu
      May be I didn't get it. But I don't see a compelling reason to store acegi credentials on the userinfo object. It's all in the session so the credentials can be used anytime by the AOP.
      So it is possible to retrieve the Session credential? Can you tell me how to achieve this?

      Comment


      • #4
        What's meant by a Session? You mean a HttpSession? That's not an ideal place to access your Authentication object, as it will not be available outside the web tier.

        It's better to use ((SecureContext)ContextHolder.getContext()).getAut hentication() to obtain your Authentication for generating your audit records.

        Comment


        • #5
          Audit logging

          Thanks Ben. That was exactly what I was looking for !

          Comment

          Working...
          X