如何处理JSF中的动态角色或用户名更改？ [英] How to handle dynamic role or username changes in JSF?

问题描述

我有一个在Glassfish 2.1上运行的JSF应用程序和一个EJB 3后端。对于身份验证，我使用自定义领域。用户使用他在注册时指定的电子邮件地址和密码进行身份验证。一切都很好。

现在我有两个相关问题：

1）用户可以编辑他的自然而然，他也可以改变他的电子邮件地址。不幸的是，当我使用ExternalContext.getUserPrincipal（）。getName（）执行基于当前用户身份的操作时，我将收到用户在登录时使用的以前的电子邮件地址。目前，我通过强制用户在更改电子邮件地址后重新认证来处理这个问题，但还有另一个更优雅的可能性吗？

2）用户相同角色。例如。我有用户角色MEMBER和PREMIUM_MEMBER。会员在本届会议期间可能会成为高级会议。不幸的是，这个角色似乎只能在登录时确定。有没有可能，JSF和EJB认识到新的用户角色，而不需要用户重新认证？

解决方案

考虑使用JSF的 Seam 。在那里，您可以更改登录的用户凭据，而无需重新登录。

I have a JSF application running on glassfish 2.1 with a EJB 3 backend. For authentication I use a custom realm. The user authenticates using the e-mail-address and password he specified on registration. Everything is working quite well.

Now I have two related problems:

1) The user can edit his profile and -- naturally -- he can also change his e-mail-address. Unfortunately when I perform operations based on the current user's identity using ExternalContext.getUserPrincipal().getName(), I will receive the previous e-mail-address the user used on login. At the moment I handle this by forcing the user to reauthenticate after he changed his e-mail-address, but is there another more graceful possibility?

2) Same for user roles. E.g. I have the user roles MEMBER and PREMIUM_MEMBER. A MEMBER may become a PREMIUM_MEMBER during his current session. Unfortunately the role seems to be only determined at login. Is there any possibility, that JSF and EJB recognize the new user role without the need for the user to re-authenticated?

解决方案

Consider using Seam with JSF. There you can change the logged in users credentials without needing to re-login.

这篇关于如何处理JSF中的动态角色或用户名更改？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！