Announcement Announcement Module
No announcement yet.
injection session variables Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • injection session variables

    Hi, I have a doubt, I will try to explain what I want to do.

    1.- user does a correct login.
    2.- inject user session variables in beans.

    is it possible?

  • #2
    mmm i don't know how you can do it...but maybe it's better if you use spring-security and get the logged using the SecurityContext


    • #3
      I have almost the same doubt... I want to keep the user information within the session... I mean, for example using it for performing some searches which need the username for retrieving a result list


      • #4
        With spring security you have the static method SecurityContext.getContext() which you can get the user logged everywhere in your application without having a reference to the session

        or you can take the session from the request attribute contained into RequestContextHolder.currentRequestAttribute() (static method)

        i never try it on a servlet but this work on portlet

        public static PortletRequest getPortletRequest(){
        	return (PortletRequest)RequestContextHolder.currentRequestAttributes().getAttribute("javax.portlet.request", RequestAttributes.SCOPE_REQUEST);


        • #5
          You don't need to use Spring Security.

          Just create a pojo com.mycompany.User with name, password, role etc.. Then register this class as a bean in the application context (define in xml, use @Component + component-scan, use javaconfig...whichever you want) but define the scope of this bean to be session.
          Inject this session bean in the bean that performs login (so that you can update it with the values of the user that logged in) and also inject it in all the beans that need to use this User bean (to get name, role, auth etc.). You can inject using xml, @Inject, @Autowired or whatever, the important thing is that you use scope proxies for injection of session-scoped bean in singleton beans that use it. For example if you inject with xml you should use the <aop:scoped-proxy/> tag, if you use annotation config you should declare that you want to use proxies for all non singleton-beans injection in <context:annotation-config> tag etc. Read the reference documentation it's all explained in detail.