Hi! We are looking for a good pattern in order to avoid sending info about the logged in user as parameters from the client layer to the business layer. Our application is running on jetty or tomcat as frontend, and jboss as backend, using spring and ejb.
This is a large application with both struts 1.3, T4 and T5 pages. We have a User object in the session/applicationstate that represents the currently logged in user. I would like to expose this User object to Spring, to enable our business layer to identify the user who is running the current thread, without using method parameters. But I don't know how to do this, I see 2 immediate problems: 1. How to expose the HttpServletRequest to spring (like T5 IoC does), in order to retrieve the User object from the session 2. Adding a dependency on servlet classes in the shared frontend/backend spring context seems like a bad idea to me I've heard talks about the possibility of injecting T5 IoC services into spring in T5.1, and that sounds really interesting. Exposing a T5 ApplicationState object through a T5 IoC service into spring is a great start, although I would have to implement the same kind of thing for T4 and Struts. Anyone with pointers or ideas on this? Regards Inge
