[Yanel-dev] Assigning new group to a user at runtime
Michael Wechner
michael.wechner at wyona.com
Fri Dec 17 00:43:02 CET 2010
also please note that I have cleaned the code quite a bit by =
centralizing the usage of IdentityMap:
grep -rl IdentityMap src/*
src/contributions/resources/sessionmanager/src/java/org/wyona/yanel/impl/re=
sources/sessionmanager/SessionManagerResource.java
src/webapp/src/java/org/wyona/yanel/servlet/IdentityMap.java
src/webapp/src/java/org/wyona/yanel/servlet/YanelServlet.java
whereas I need to check on SessionManagerResource.java and if this can =
also be improved.
Cheers
Michael
On 12/17/10 12:36 AM, Michael Wechner wrote:
> Hi Balz
>
> I have now added a new utility method to
>
> Sending =
> src/webapp/src/java/org/wyona/yanel/servlet/YanelServlet.java
> Transmitting file data .
> Committed revision 55546.
>
> public static void setIdentity(Identity identity, HttpSession session, =
> Realm realm)
>
> by using it for example with
>
> User user =3D =
> realm.getIdentityManager().getUserManager().getUser(trueUserId, true);
> YanelServlet.setIdentity(new Identity(user, username), session, realm);
>
> because the constructor
>
> new Identity(User, String)
>
> will resolve the groups again.
>
> HTH
>
> Michael
>
> On 12/15/10 12:54 PM, Balz Schreier wrote:
>> Hi Michael,
>> I fully understand the performance reasons and I think this has to be =
>> like this. I actually just wanted to know whether I have missed any =
>> API possibility to update the groups.
>>
>> So my suggestion would be to extend the Yanel Core API with a new =
>> method, where the whole group and other security stuff is redone =
>> again and attached to the session (Maybe we can reuse the very same =
>> code that does the initial stuff).
>>
>> What do you think?
>>
>> On Wed, Dec 15, 2010 at 11:43 AM, Michael Wechner =
>> <michael.wechner at wyona.com <mailto:michael.wechner at wyona.com>> wrote:
>>
>> Hi Balu
>>
>>
>> On 12/15/10 10:03 AM, Balz Schreier wrote:
>>
>> Hi,
>>
>> I have the usecase where a user gets assigned a new group
>> while he is logged in.
>> I noticed that Yanel reflects this change only after a login
>> of that user, means as long as the user stays logged in, the
>> user does not benefit from the new assignment yet.
>>
>>
>> the reason for that is that for performance reasons the groups
>> (and its parents and parents) are loaded
>> during login and attached to the session, because these are used
>> for access control, and since every "html request" has many other
>> requests as a consequence it's good to have this "cached".
>>
>> Now when you update the group settings the sessions are not being
>> touched and hence one
>> does not notice such a change.
>>
>> I am not saying that this is good, but the question is how we can
>> do this better, but please see below ...
>>
>>
>> Question: How can I tell Yanel to reinitialize the User
>> (Identity) and its Groups ?
>>
>>
>> - we could try to change the session
>> - we could change the implementation by using conf/ehcache.xml
>> instead the sessions.
>>
>> Any other suggestions?
>>
>> Thanks
>>
>> Michael
>>
>>
>> Thanks
>> Cheers
>> Balz
>>
>>
>> -- =
>> Yanel-development mailing list Yanel-development at wyona.com
>> <mailto:Yanel-development at wyona.com>
>> http://lists.wyona.org/cgi-bin/mailman/listinfo/yanel-development
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.wyona.org/pipermail/yanel-development/attachments/2010121=
7/835dc994/attachment.htm
More information about the Yanel-development
mailing list