Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Eclipse Projects » scout » Login identity(How to find the login identity)
Login identity [message #1161185] Tue, 29 October 2013 12:36 Go to next message
Dominic Hanlan is currently offline Dominic Hanlan
Messages: 98
Registered: July 2009
Member
Hi,

I have the situation where I need to know the logged in users database id. I'm using DataSource security filter which works fine, but I cannot find the users identity thereafter. The ClientSession getUserId is not sufficient as this just returns the username. In my case this is not sufficient as it is a central server serving more than one organisation, hence usernames can be the same between organisations but unique with the organisation.

Any thoughts on how to return this unique value or how to get the users credentials for use after logging in??

This has to work on SWT/RAP so the extended login dialog example doesn't help when it comes to RAP.

Regards


Re: Login identity [message #1161198 is a reply to message #1161185] Tue, 29 October 2013 12:48 Go to previous messageGo to next message
Dominic Hanlan is currently offline Dominic Hanlan
Messages: 98
Registered: July 2009
Member
I have an example from the Create Permissions howto (below) which shows how to gather the permissions based on userNr, where does userNr come from?? The permissions data has no binding base to get this from?????

Help......

@Override
protected Permissions execLoadPermissions() {
  try {
    Object[][] permissionData = SQL.select(
            "SELECT   P.PERMISSION_NAME, " +
            "         MAX(P.PERMISSION_LEVEL) " +
            "FROM     USER_ROLE R, ROLE_PERMISSION P " +
            "WHERE    R.ROLE_UID=P.ROLE_UID " +
            "AND      P.PERMISSION_LEVEL>0 " +
            "AND      R.USER_NR = :userNr " +
            "GROUP BY P.PERMISSION_NAME"
    );
 
    Permissions p = AccessControlUtility.createPermissions(permissionData);
    p.add(new RemoteServiceAccessPermission("*.shared.*", "*"));
    return p;
  }
  catch (ProcessingException t) {
    //TODO: add logging
    return null;
  }
}
Re: Login identity [message #1163693 is a reply to message #1161198] Thu, 31 October 2013 02:38 Go to previous messageGo to next message
Jeremie Bresson is currently offline Jeremie Bresson
Messages: 657
Registered: October 2011
Senior Member
I will let other people answering your question about how you can store and read the informations related to the logged in user.

Dominic Hanlan wrote on Tue, 29 October 2013 17:48
I have an example from the Create Permissions howto (below) which shows how to gather the permissions based on userNr, where does userNr come from??


If I remember it correctly the ServerSession is always attached to the sql binds (used as fallback is nothing is found in the binds you provide). ":userNr" refers to ServerSession#getUserNr().

[Updated on: Thu, 31 October 2013 02:39]

Report message to a moderator

Re: Login identity [message #1164629 is a reply to message #1161185] Thu, 31 October 2013 16:31 Go to previous messageGo to next message
Bertin Kiekebosch is currently offline Bertin Kiekebosch
Messages: 300
Registered: August 2011
Senior Member
if you use the DataSourceSecurityFilter do you have the following statement to check the loging credentials?.
org.eclipse.scout.http.servletfilter.security.DataSourceSecurityFilter#selectUserPass=SELECT name FROM account WHERE name=? and password=?


if so then the name must be a unique identifier for the account. You can add other columns to your account table as well.

for example the accout table may look like this:
CREATE TABLE `account` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `name` varchar(25) NOT NULL,
  `password` varchar(32) NOT NULL,
  `valid_through` date DEFAULT NULL,
  `active_valid_through` tinyint(1) NOT NULL DEFAULT '0',
  `reset_password` tinyint(1) NOT NULL DEFAULT '0',
  PRIMARY KEY (`id`),
  UNIQUE KEY `name` (`name`)
) ENGINE=InnoDB AUTO_INCREMENT=9 DEFAULT CHARSET=latin1$$


You can also add a reference to other tables for example a reference to an employee table so you can find out to whom the account belongs. But the name in the account table must be unique (e.g. e-mail adress)
Re: Login identity [message #1165597 is a reply to message #1164629] Fri, 01 November 2013 07:54 Go to previous messageGo to next message
Dominic Hanlan is currently offline Dominic Hanlan
Messages: 98
Registered: July 2009
Member
Hi,

that's very similar to the account table that I have.

How do I access the user index after the login process?

I tried entering the username as an email address to ensure it was unique but it appears that the login process splits the username field hence dominic@hanlan.org.uk becomes just dominic.

Regards
Re: Login identity [message #1167298 is a reply to message #1165597] Sat, 02 November 2013 11:01 Go to previous message
Bertin Kiekebosch is currently offline Bertin Kiekebosch
Messages: 300
Registered: August 2011
Senior Member
after a succesfull login, you can call
String accountName = ServerSession.get().getUserId()

now with the account name you can query for the rest of the information stored in the account table. If you need this info often, you can add extra "shared context properties" to your server session and store the values for the account there. Then you can use them where ever you need them in you server or client see ServerSession and ClientSession
Previous Topic:client side sceduling and messages
Next Topic:Adding tables programmatically
Goto Forum:
  


Current Time: Wed Aug 20 14:33:42 EDT 2014

Powered by FUDForum. Page generated in 0.01604 seconds