|How to provide user authentication for RAP/RCP [message #1015329]
||Thu, 28 February 2013 09:09
| Thorsten Schlathölter
Registered: February 2012
I have a question regarding authentication of users providing a single sourced RAP/RCP approach.
This is the scenario:
I have a database access managed via spring/teneo/hibernate. I would like to use a proxy user for an oracle DatabaseConnection. So I need a way to find out the current user. I have added a Filter that does user authentication and sets the valid user name into the HttpSession. Now when I access the datasource for a DatabaseConnection I would like to get the valid user attribute from the HttpSession.
I thought I could use spring SessionScoped beans. I added the org.springframework.web.filter.RequestContextFilter which provides the request to the current Thread. Now I realized that the access via RAP is performed within the RAP UIThread, which is not the Thread that contains the required information. A solution would be to use RWT
userId = (String) RWT.getUISession().getHttpSession().getAttribute("USER_ID");
But then I need to make my persistence layer RAP dependend. And the call will fail if not issued from an UIThread. I will have problems with access via a RCP application.
I would be glad if somebody could point out a better approach.
Powered by FUDForum
. Page generated in 0.01397 seconds