0

My application uses siteminder authentication. The siteminder will append user details such as username, userid etc to the http request header and redirect to my application. I need to store these user details from the header in a bean and access it in my business logic. Have a few questions.

  1. What kind of scope is recommended for the UserDetailsBean ? Session or request ?

  2. Where can I intercept the request and extract the user information from the header ? Can I do it inside a filter ? Or can I do it inside my UserDetailsBean (session bean)constructor ?

Can I do something like

public UserBean() {
    FacesContext context = FacesContext.getCurrentInstance();

    Map<String, String> requestHeaderMap = context.getExternalContext().getRequestHeaderMap();

    String userId = requestHeaderMap.get("sm_userID");

        public String getUserId() {
    return userId;
}
public void setUserId(String userId) {
    logger.info("[Bean - User is] "+userId);
    this.userId = userId;
}
        }

And access the UserBean.getUserId throughout my application ?

Kishor Prakash
  • 8,011
  • 12
  • 61
  • 92
user1722908
  • 535
  • 2
  • 9
  • 21
  • 1) http://stackoverflow.com/questions/7031885/how-to-choose-the-right-bean-scope/7031941#7031941 2) Just try it and report problems you didn't understand, there this site is for. In the future, please post separate questions in separate questions. – BalusC Aug 01 '13 at 20:51
  • From the post, I understand we can use sessionscoped bean. But I am not able to understand where exactly can I intercept my request headers containing user info? Can I do it within the session scoped bean itself or do I need a separate request scoped bean for that ? I am confused here because the info appears in "request" header, but the info contains user details which need to be a part of the "session" – user1722908 Aug 02 '13 at 17:05

0 Answers0