Removement of PhaseListener [message #1823273] |
Tue, 24 March 2020 07:54 |
Michael Grossmann Messages: 3 Registered: January 2013 |
Junior Member |
|
|
Hi,
i plan to migrate from RAP 2.3 to RAP 3. I read that PhaseListener was removed. I use the PhaseListener in RAP 2.3 to bring the security context from http session to ui thread. I have a servlet filter that sets the security context created with help of the http header to the http session as an session attribute. Then in phase listener i bring the security context to the ui thread. The security context holder used in the example uses a thread local to set a security context for the current thread.
Is there any other way to do this? I use rwt standalone without any OSGI and so on.
Here is my example code:
package my.customer.package.starter.webapp.rwt;
import my.customer.package.ITokenPrincipal;
import javax.servlet.http.HttpSession;
import org.eclipse.rap.rwt.RWT;
import org.eclipse.rap.rwt.lifecycle.PhaseEvent;
import org.eclipse.rap.rwt.lifecycle.PhaseId;
import org.eclipse.rap.rwt.lifecycle.PhaseListener;
import org.jowidgets.security.api.SecurityContextHolder;
final class RwtSecurityPhaseListener implements PhaseListener {
@Override
public void beforePhase(final PhaseEvent event) {
final HttpSession httpSession = RWT.getUISession().getHttpSession();
final ITokenPrincipal principal = (ITokenPrincipal) httpSession.getAttribute(RwtTokenAuthenticationFilter.PRINCIPAL_KEY);
if (principal != null) {
//sets the security context of the http session to the ui thread for this session
SecurityContextHolder.setSecurityContext(principal);
}
}
@Override
public void afterPhase(final PhaseEvent event) {
//clears the security context for the ui thread
SecurityContextHolder.clearSecurityContext();
}
@Override
public PhaseId getPhaseId() {
return PhaseId.ANY;
}
}
[Updated on: Tue, 24 March 2020 07:56] Report message to a moderator
|
|
|
|
Powered by
FUDForum. Page generated in 0.03701 seconds