-
1. Re: Question about authentication
fady.matar Mar 9, 2007 8:09 AM (in response to xinhua)What you can do is create a list that is injected in the application scope and append each authenticated user id to it. no need to append the whole objects to the application scope.
-
2. Re: Question about authentication
xinhua Mar 9, 2007 8:16 AM (in response to xinhua)Hi,fady.matar
thank you for your answer. But the problem of your solution is, if the user is session timeout, his id is till in application scope.... -
3. Re: Question about authentication
pgmjsd Mar 9, 2007 12:26 PM (in response to xinhua)The Seam way would be to use an @Destroy method on a session-scoped object to remove the user id from the application context.
The ordinary Servlet way would be to implement HttpSessionListener. -
4. Re: Question about authentication
rmemoria Mar 9, 2007 1:50 PM (in response to xinhua)The solution I found to my app was to create a JavaBean with login() and logout() methods.
The login() is mapped using the <security:identity authenticate-method tag in components.xml
The logout() is mapped using <event type="org.jboss.seam.preDestroyContext.SESSION" tag in components.xml
If the user succesfull logins the system adds him to a application-scoped list.
When the user logs out the system removes its information from this list.
It has worked very well.
I hope I've helped.
Ricardo