Announcement Announcement Module
Collapse
No announcement yet.
Accessing domain object from security session Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Accessing domain object from security session

    Hi everyone,

    I'm using Spring Web MVC and Spring Security to develop a web app. The users are authenticated against the DB using the following piece of code and so far it works well.

    Code:
    <authentication-manager>
            <authentication-provider>
                <password-encoder hash="sha" />
                <jdbc-user-service data-source-ref="dataSource"
                    users-by-username-query="select ..."
                    authorities-by-username-query="select ..." />
            </authentication-provider>
        </authentication-manager>
    What I'd like to achieve is to be able to access the user domain object from the session so I can use it to perform business operations. For that purpose I guess I should perform the following operations:
    1. When a user authenticates, the app should retrieve the corresponding domain object from the DB and store it into the session.
    2. When an authenticated user sends a request, the corresponding domain object should be available from the session so it can be used to perform business operations.
    3. Of course when the user is not authenticated anymore the corresponding domain object shouldn't be available anymore in the session.

    I've been searching the web for a while about this but so far I didn't have any luck.

    Does someone have an idea about this? I'm sure this is a common requirement for many web applications.

    Regards,
    Marco
Working...
X