Versions Compared

Old Version 9

changes.mady.by.user Matthew Wagner

Saved on

compared with

New Version 10

changes.mady.by.user Matthew Wagner

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

In XperienCentral there are actually three different sessions that play a role in Session Management:

...

To create the session, the SessionManager.createSession(HttpServletRequest, HttpServletResponse) method can be used. The HTTP request and response usually are not available but you can use mock requests and responses instead via the Spring mock module (org.springframework.mock.web). After logging in you should still invoke AuthorizationService.login(username, password, request) in order to be granted the proper authorization. The code example below shows an example of creating a session for user USERNAMEKEY on webinitiative with ID WEBSITEKEY and password PASSWORDKEY:


Code Block
themeEclipse
	private Session login() {
	try {
		String portnr = myConfigService.getParameter("website_settings.frontend_portnr", null, "default");
		String hostname = myConfigService.getParameter("website_settings.backend_hostname", null, "default");
		String username = myConfigService.getParameter(USERNAMEKEY);
		String password = myConfigService.getParameter(PASSWORDKEY);
		String website = myConfigService.getParameter(WEBSITEKEY);

		// Create mocks for the servlet request and response
		MockServletContext contextSession session = new MockServletContext();
		MockHttpServletRequest request = new MockHttpServletRequest(context);
		request.addParameter("webid", website);
		request.setServerName(hostname);
		request.setServerPort(Integer.parseInt(portnr));
		MockHttpServletResponse response = new MockHttpServletResponse();

		// Create a new session from this mock request
		Session session = mySessionManager.createSession(website, username);
		request.setAttribute(Session.XPERIENCENTRAL_SESSION_KEY, session);
mySessionManager.createSession(website, "username");
        return session;
}
		// Login using the authorization service
		if (!myAuthorizationService.login(username, password, request)) {
			LOG.warning("Login failed.");
			return null;
			}
			return session;
	} catch(ConfigurationManagementException e) {
		LOG.log(Level.SEVERE, "An exception occurred during login()", e);
		return null;
	}
}

...