tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hart, Justin" <JH...@sfa.com>
Subject RE: SessionListener
Date Mon, 01 Dec 2003 21:22:37 GMT
If this can be done with HttpSessionListener, than I am game.

What I want to do, is get the username and password when the user signs on, so I can then
use this data to authenticate the user to other programs as themselves.

I'm using BASIC authentication, and trying to avoid having them sign on a second time, any
way to get the username and password using HttpSessionListener without having them retype
the data?

Justin

-----Original Message-----
From: Atreya Basu [mailto:atreya@greenfieldresearch.ca]
Sent: Monday, December 01, 2003 4:07 PM
To: Tomcat Users List
Subject: Re: SessionListener


Sorry,

I should have added to this earlier, but I thought that SessionListener 
should go in the web.xml document under the Listener element.  Or am I 
thinking about HttpSessionListener which is different....

Anyways if it is HttpSessionListener that you are talking about I can 
provide some examples.

Cheers,

Shapira, Yoav wrote:

>Howdy,
>
>  
>
>>Ok, still, I haven't found any documentation on how to add a
>>SessionListener in the server.xml file, and adding one using the
>>    
>>
>listener
>  
>
>>tags defined for web.xml files doesn't seem to work.
>>    
>>
>
>The XML is the similar but not quite the same to the portable one:
><listener className="mypackage.myclass" ... />  There is a generic
>example in the Engine configuration reference, and another more specific
>example in the Host configuration reference.  Neither, however, is a
>SessionListener example.
>
>There IS one specific, full-features SessionListener example: the
>SingleSignOn valve.  It's present (but commented out) in server.xml by
>default, and you can take a look at the source code.  It's a more
>complicated and confusing example because it's also a Valve ;(  But then
>again, I wouldn't even bother with this whole approach when you have the
>HttpSessionListener as part of the servlet specification.
>
>where ... are attributes specific to your listener.  (The astute reader
>would recognize the above as a commons Digester bean-based
>initialization pattern).
>
>  
>
>>I also haven't seen how to get a user's credentials from a HttpSession,
>>    
>>
>or
>  
>
>>how to get a Session from an HttpSessionListener.  Could you throw me a
>>bone?
>>    
>>
>
>If the user is authenticated by the server, typically the information is
>not in the session, it's in the request:
>HttpServletRequest#getUserPrincipal.  A common use-case is to stuff this
>in the session via a filter.
>
>If you had an attribute called username that something was stuffing into
>the session, i.e. something like a filter calling
>session.setAttribute("username", "something"), then an
>HttpSessionAttributeListener's attributeAdded would be called with the
>attribute name and latest value.
>
>Yoav
>
>
>
>
>This e-mail, including any attachments, is a confidential business communication, and
may contain information that is confidential, proprietary and/or privileged.  This e-mail
is intended only for the individual(s) to whom it is addressed, and may not be saved, copied,
printed, disclosed or used by anyone else.  If you are not the(an) intended recipient, please
immediately delete this e-mail from your computer system and notify the sender.  Thank you.
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
>
>  
>

-- 
____________________________________
Developer
Greenfield Research Inc.
atreya(AT)greenfieldresearch(DOT)ca
(902)422-9426



---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message