...
| Code Block |
|---|
| xml |
|---|
| xml |
|---|
| title | Spring Configuration - Current User Provider |
|---|
|
<!--
| This is the actual servlet filter implementation. The delegating fitler proxy configured in web.xml will delegate
| to this bean.
|
| In this example:
| - The getServerName value is mapped to the 'serverName' attribute.
| - The headerAttributeMapping declares two headers to turn into attributes (headerAttr1 and headerAttr2).
| headerAttr1 will appear as portalAttrName1 in the user's attributes.
| headerAttr2 will appear as portalAttr2Varient1 and portalAttr2Varient2 in the user's attributes.
| - processingPosition Tells the filter to store the user attributes in the session both before and after
| doFilter is called. This is useful when filtering around things like the uPortal login servlet which
| invalidates and re-creates the session during execution.
+-->
<bean id="requestAttributeSourceFilter" class="org.jasig.services.persondir.support.web.RequestAttributeSourceFilter">
<property name="additionalDescriptors" ref="requestAdditionalDescriptors" />
<property name="serverNameAttribute" value="serverName" />
<property name="processingPosition" value="BOTH" />
<property name="headerAttributeMapping">
<map>
<entry key="headerAttr1" value="portalAttrName1" />
<entry key="headerAttr2">
<set>
<value>portalAttr2Varient1</value>
<value>portalAttr2Varient2</value>
</set>
</entry>
</map>
</property>
<property name="processingPosition" value="BOTH" />
</bean>
<!--
| This object holds the user attributes set by the RequestAttributeSourceFilter for later retrieval. Since
| these attributes are tied to the user's session the bean is declared in the globalSession scope and tagged
| as an aop:scoped-proxy. The result of this is each user will get their own copy of this bean and the proxy
| that classes referencing this bean will use will automatically find the correct instance from the current
| user's session.
+-->
<bean id="requestAttributeDescriptors" class="org.jasig.services.persondir.support.AdditionalDescriptors" scope="globalSession">
<!-- Required so Spring injects an AOP proxy instead of the actual bean instance -->
<aop:scoped-proxy/>
</bean>
<!--
| The AdditionalDescriptorsPersonAttributeDao is what you would configure in the tree of IPersonAttributeDaos
| used to get user attributes. It can be treated just like a JDBC or LDAP dao.
+-->
<bean id="requestAttributesDao" class="org.jasig.services.persondir.support.AdditionalDescriptorsPersonAttributeDao">
<property name="descriptors" ref="requestAdditionalDescriptors" />
<property name="usernameAttributeProvider" ref="usernameAttributeProvider" />
<property name="currentUserProvider" ref="currentUserProvider" />
</bean>
|
Example using username from Request and handling session invalidation
The following example assumes the username is provided by HttpServletRequest.getRemoteUser(). This example also handles session invalidation which happens during the login request on some applications, including uPortal. The additional attributes are stored the current request as well as the session ensuring that they are available
at every point during the request.
| Code Block |
|---|
| xml |
|---|
| xml |
|---|
| title | Spring Configuration - Username from Request |
|---|
|
<!--
| This is the actual servlet filter implementation. The delegating fitler proxy configured in web.xml will delegate
| to this bean.
|
| In this example:
| - The getRemoteUser value is mapped to the 'username' attribute.
| - The getServerName value is mapped to the 'serverName' attribute.
| - The headerAttributeMapping declares two headers to turn into attributes (headerAttr1 and headerAttr2).
| headerAttr1 will appear as portalAttrName1 in the user's attributes.
| headerAttr2 will appear as portalAttr2Varient1 and portalAttr2Varient2 in the user's attributes.
| - processingPosition Tells the filter to store the user attributes in the session both before and after
| doFilter is called. This is useful when filtering around things like the uPortal login servlet which
| invalidates and re-creates the session during execution.
+-->
<bean id="requestAttributeSourceFilter" class="org.jasig.services.persondir.support.web.RequestAttributeSourceFilter">
<property name="additionalDescriptors" ref="requestAdditionalDescriptors" />
<property name="remoteUserAttribute" value="username" />
<property name="serverNameAttribute" value="serverName" />
<property name="processingPosition" value="BOTH" />
<property name="headerAttributeMapping">
<map>
<entry key="headerAttr1" value="portalAttrName1" />
<entry key="headerAttr2">
<set>
<value>portalAttr2Varient1</value>
<value>portalAttr2Varient2</value>
</set>
</entry>
</map>
</property>
<property name="processingPosition" value="BOTH" />
</bean>
<!--
| Delegates to two data holding AdditionalDescriptors objects. The first is session scoped, used to store
| the attributes for the duration of the user's session. The second is request scoped, ensuring that on the
| request that the attributes were provided if the session is invalidated the attributes will still be
| available.
+-->
<bean id="requestAdditionalDescriptors" class="org.jasig.services.persondir.support.MediatingAdditionalDescriptors">
<property name="delegateDescriptors">
<list>
<bean class="org.jasig.services.persondir.support.AdditionalDescriptors" scope="globalSession">
<aop:scoped-proxy />
</bean>
<bean class="org.jasig.services.persondir.support.AdditionalDescriptors" scope="request">
<aop:scoped-proxy />
</bean>
</list>
</property>
</bean>
<!--
| The AdditionalDescriptorsPersonAttributeDao is what you would configure in the tree of IPersonAttributeDaos
| used to get user attributes. It can be treated just like a JDBC or LDAP dao.
+-->
<bean id="requestAttributesDao" class="org.jasig.services.persondir.support.AdditionalDescriptorsPersonAttributeDao">
<property name="descriptors" ref="requestAdditionalDescriptors" />
<property name="usernameAttributeProvider" ref="usernameAttributeProvider" />
</bean>
|
Spring Bean Scopes