Skip to main content


Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Eclipse Projects » Eclipse Scout » Login identity(How to find the login identity)
Login identity [message #1161185] Tue, 29 October 2013 16:36 Go to next message
Dominic Hanlan is currently offline Dominic HanlanFriend
Messages: 98
Registered: July 2009
Member
Hi,

I have the situation where I need to know the logged in users database id. I'm using DataSource security filter which works fine, but I cannot find the users identity thereafter. The ClientSession getUserId is not sufficient as this just returns the username. In my case this is not sufficient as it is a central server serving more than one organisation, hence usernames can be the same between organisations but unique with the organisation.

Any thoughts on how to return this unique value or how to get the users credentials for use after logging in??

This has to work on SWT/RAP so the extended login dialog example doesn't help when it comes to RAP.

Regards


Re: Login identity [message #1161198 is a reply to message #1161185] Tue, 29 October 2013 16:48 Go to previous messageGo to next message
Dominic Hanlan is currently offline Dominic HanlanFriend
Messages: 98
Registered: July 2009
Member
I have an example from the Create Permissions howto (below) which shows how to gather the permissions based on userNr, where does userNr come from?? The permissions data has no binding base to get this from?????

Help......

@Override
protected Permissions execLoadPermissions() {
  try {
    Object[][] permissionData = SQL.select(
            "SELECT   P.PERMISSION_NAME, " +
            "         MAX(P.PERMISSION_LEVEL) " +
            "FROM     USER_ROLE R, ROLE_PERMISSION P " +
            "WHERE    R.ROLE_UID=P.ROLE_UID " +
            "AND      P.PERMISSION_LEVEL>0 " +
            "AND      R.USER_NR = :userNr " +
            "GROUP BY P.PERMISSION_NAME"
    );
 
    Permissions p = AccessControlUtility.createPermissions(permissionData);
    p.add(new RemoteServiceAccessPermission("*.shared.*", "*"));
    return p;
  }
  catch (ProcessingException t) {
    //TODO: add logging
    return null;
  }
}
Re: Login identity [message #1163693 is a reply to message #1161198] Thu, 31 October 2013 06:38 Go to previous messageGo to next message
Jeremie Bresson is currently offline Jeremie BressonFriend
Messages: 1252
Registered: October 2011
Senior Member
I will let other people answering your question about how you can store and read the informations related to the logged in user.

Dominic Hanlan wrote on Tue, 29 October 2013 17:48
I have an example from the Create Permissions howto (below) which shows how to gather the permissions based on userNr, where does userNr come from??


If I remember it correctly the ServerSession is always attached to the sql binds (used as fallback is nothing is found in the binds you provide). ":userNr" refers to ServerSession#getUserNr().

[Updated on: Thu, 31 October 2013 06:39]

Report message to a moderator

Re: Login identity [message #1164629 is a reply to message #1161185] Thu, 31 October 2013 20:31 Go to previous messageGo to next message
Bertin Kiekebosch is currently offline Bertin KiekeboschFriend
Messages: 330
Registered: August 2011
Senior Member
if you use the DataSourceSecurityFilter do you have the following statement to check the loging credentials?.
org.eclipse.scout.http.servletfilter.security.DataSourceSecurityFilter#selectUserPass=SELECT name FROM account WHERE name=? and password=?


if so then the name must be a unique identifier for the account. You can add other columns to your account table as well.

for example the accout table may look like this:
CREATE TABLE `account` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `name` varchar(25) NOT NULL,
  `password` varchar(32) NOT NULL,
  `valid_through` date DEFAULT NULL,
  `active_valid_through` tinyint(1) NOT NULL DEFAULT '0',
  `reset_password` tinyint(1) NOT NULL DEFAULT '0',
  PRIMARY KEY (`id`),
  UNIQUE KEY `name` (`name`)
) ENGINE=InnoDB AUTO_INCREMENT=9 DEFAULT CHARSET=latin1$$


You can also add a reference to other tables for example a reference to an employee table so you can find out to whom the account belongs. But the name in the account table must be unique (e.g. e-mail adress)
Re: Login identity [message #1165597 is a reply to message #1164629] Fri, 01 November 2013 11:54 Go to previous messageGo to next message
Dominic Hanlan is currently offline Dominic HanlanFriend
Messages: 98
Registered: July 2009
Member
Hi,

that's very similar to the account table that I have.

How do I access the user index after the login process?

I tried entering the username as an email address to ensure it was unique but it appears that the login process splits the username field hence dominic@hanlan.org.uk becomes just dominic.

Regards
Re: Login identity [message #1167298 is a reply to message #1165597] Sat, 02 November 2013 15:01 Go to previous message
Bertin Kiekebosch is currently offline Bertin KiekeboschFriend
Messages: 330
Registered: August 2011
Senior Member
after a succesfull login, you can call
String accountName = ServerSession.get().getUserId()

now with the account name you can query for the rest of the information stored in the account table. If you need this info often, you can add extra "shared context properties" to your server session and store the values for the account there. Then you can use them where ever you need them in you server or client see ServerSession and ClientSession
Previous Topic:client side sceduling and messages
Next Topic:Maven - version numbers
Goto Forum:
  


Current Time: Tue Mar 19 09:54:03 GMT 2024

Powered by FUDForum. Page generated in 0.03684 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top