I was wondering what the best way to configure / access an object such at the current user that is stored in the session collection.

Are we able to inject the session object from the Page object into a factory that would then allow us to use it with other business level objects?

Or am I being to ambitious? Should I just pass in the session object manually?

Has anyone else done something like this?

Thanks for any advice,
Paul Jackson

Hi Paul,

Right now there is no way to do what you want, but I was thinking of adding that feature.

Basically, I was thinking of expanding property placeholders concept to allow you to specify something like ${Session['myValue']} or ${Context.Items['myContextValue']} for your property values. This would allow you to inject HTTP session as well into object that normally wouldn't have access to it.

However, in order to do this we might need to introduce namespaces for property placeholder resolution, which should probably wait until after 0.6 release. For example, properties without namespace would resolve to properties defined in the config file, "env" namespace would be used to resolve environment variables, and "web" or "asp" namespace would be used to resolve request, session and context. In that case, example above would become ${asp:Session['myValue']}.

As a sidenote, Spring.Web supports object scoping even now, although I forgot to document it on the wiki. What you can do is add scope attribute to your object definitions, and set its value to request, session or application (default). That means that you can have session scoped UserInfo or ShoppingCart object, for example, and Spring will make sure that each user gets it's own session-level instance of that object.

Let me know if this helps and if you think adding the ability to inject session, request and application would be useful.

Regards,

Aleks

Alek,

That's just the thing I was after,

thanks,

Paul

Sorry, I missread your original post, probably because I've been thinking about session/request/context injection a lot lately :)

Yes, session scoped objects are the way to go in your case.

- Aleks

Aleks,

I see what you mean by needing to inject a session object.
I need to inject the username (for a session) into an user dao object that will retrieve the user details from the database.

I'm not sure of a clean way to do it. This must be a common problem.

thanks,

Paul

Hi Paul,

There are so many details here that make this question difficult to answer. I'll just assume a number of things and make up class and method names as I go for illustration purposes.

First of all, user either needs to log in or you need to get username from the server variables. Either way, you can pass username to your UserManager.CreateUserInfo method from login handler or from Session.OnStart event handler, which will in turn call UserDao, which will create and populate UserInfo object.

Let's also assume that you have session-scoped 'userInfo' object definition that you later want to inject into your pages that somehow needs to be initialized with the value returned by UserManager.CreateUserInfo method.

In order to do that, you can use (undocumented) fact that session-scoped variables are stored in HttpSession using '<objectId>.spring' format for the key and simply do something like:



Session&#91;"userInfo.spring"&#93; = UserManager.CreateUserInfo&#40;username&#41;;


Later, whenever Spring tries to access 'userInfo' object, it will find and return the instance that you manually created.

Problem with the code above is that it uses undocumented key format that might change in the future (however unlikely that might be) and it forces you to hardcode id of the object definition.

Cleaner option might be to inject userInfo object into a login page as well and pass it as a second parameter to UserManager.PopulateUserInfo(username, userInfo) method, for example. UserDao would simply populate existing object instead of creating a new one.

However, this won't work if you need to do everything within Session.OnStart handler as there is no way to inject objects into HttpApplication (for now :)).

Another thing to keep in mind when dealing with session-scoped object is that they should only be referenced by objects with same or narrower scope -- prototypes and request or session-scoped singletons. While we might add proxies around session and request-scoped objects in the future, which will allow them to be referenced by application-scoped singletons as well, current implementation does not allow that and the results might be "unexpected" :wink:

Hope this helps,

Aleks

Aleks,

That does help. Thanks.
Just to clarify things, We're using NTLM to get the username (from Paqe.User.IdentityName).

I might try to use some kind of proxy to do it...

thanks,

Paul