cocoon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ralph Goers <>
Subject Re: AuthenticationContextListener?
Date Sun, 20 Nov 2005 17:53:20 GMT
I haven't tried the technique you are using. I found it easier to create 
an object with references to everything else my application needs and 
store that in the session. The object then implements 
HttpSessionBindingListener to detect that the session is being 
destroyed. This does not require anything be added to web.xml. Since it 
is your object being called I should think you'd have access to 
everything you need without even going to the authentication context.

I'm not sure how to retrieve the authentication context manually. You 
will have to read the code in the authentication framework block unless 
someone can provide a code snippet.


Stefan Pietschmann wrote:

> I asked something similar in the users list some time ago but got no 
> response, so you’re my last chance ;)
> As usual we’re storing information in the AuthenticationContext. So 
> far this information has been written on disk with every request 
> processed by the server.
> Due to several reasons we’ve decided to just write it to a file 
> everytime the user logs out OR the session times out. Thus it is not 
> sufficient to add the method to the logout matcher, because the data 
> will be lost if the user just closes is browser.
> I decided to use an HTTPSessionListener which I added to Cocoon’s 
> web.xml. This works fine so far, but it only allows me to retrieve the 
> user’s HTTPSession in the method sessionDestroyed(HttpSessionEvent 
> event). From there I can get the the ServletContext, but I see no way 
> to access the AuthenticationContext? Is it accessable at all? I tought 
> one of these should work, but both are null.
> AuthenticationContext authContext = 
> (AuthenticationContext)session.getServletContext().getContext("authentication");
> AuthenticationContext authContext2 = 
> (AuthenticationContext)session.getServletContext().getContext(AuthenticationConstants.SESSION_CONTEXT_NAME)
> Cheers,
> Stefan

View raw message