See wam Menu

Creating a WAM ManagedSessionEventHandler

This section describes how to create your own WAM managed session event handler. The example will use JDBC to lookup a user-specific attribute at session creation time.

Example 1 shows how to register and configure the UserAttributeManagedSessionEventHandler example by adding the <session-event-handler> element and attributes to the <session-manager-service> in security-domain.xml.

<!-- Configure the session manager service -->
<session-manager-service className="com.cafesoft.security.engine.session.StandardSession
Manager">

...

   <session-event-handler className="examples.session.UserAttributeManagedSessionEvent
   Handler">
      <param-list>
         <param name="jdbcDriver" value="com.cafesoft.core.jdbc.PoolingConnectionDriver"/>
         <param name="url" value="jdbc:cafesoft:pool:usersdb_pool"/>
         <param name="user" value="examples_admin"/>
         <param name="password" value="examples_admin_password"/>
         <param name="sql" value="SELECT BALANCE FROM USERS WHERE USER LIKE ?"/>
         <param name="nameSpace" value="userinfo"/>
         <param name="attributeName" value="balance"/>
      </param-list>
   </session-event-handler>
</session-manager-service>

Example 1 - Register the UserAttributeManagedSessionEventHandler example within a security domain

The parameters for this example are:

  • jdbcDriver: The fully qualified class name of the JDBC driver to use.

  • url: The JDBC database connection URL.

  • user: The user account to connect to the database.

  • password: The password for the user.

  • sql: The SQL for the prepared statement that will be used to query the attribute value, the login user name will be substituted for the question mark (?).

  • nameSpace: The session attribute’s namespace. If null or an empty string, then the default namespace: "default:namespace" is used.

  • attributeName: The session attribute name

NOTE: Example 1 shows use of a JDBC Driver provided by WAM that pools JDBC Connections and can dramatically improve performance and scalability for Session Event Handlers.

WAM provides a service that can be used to configure JDBC Connection pooling for use by Session Event Handlers, Login Modules, and any other components that you can plug into WAM.

For more information, see section: Using Jdbc Connection Pooling in the WAM Administrator’s Guide.

WAM prepends the HTTP request header value with CAMS-HTTP-. In the example, the HTTP header request value to be fetched by the application code would be CAMS-HTTP-USERINFO-BALANCE.

NOTE: Some web servers such as Apache and IIS convert dashes to underscores and prepend HTTP_. For example, an ASP.NET, PERL, PHP, or shell programmer could expect to find the value for CAMS-HTTP-USERINFO-BALANCE using the name HTTP_CAMS_HTTP_USERINFO_BALANCE.

The comments found in examples.session.UserAttributeManagedSessionEventHandler explain the work being done.

Another example ManagedSessionEventHandler is examples.service.RoleLoginNotifier, which sends an email message whenever a user with the specified role authenticates.

Example 2 shows the security-domain.xml configuration. This example makes use of the WAM Services API to implement the text notifier service that sends the email.

<!-- Configure the session manager service -->
<session-manager-service className="com.cafesoft.security.engine.session.StandardSession
Manager">

  ...

   <!-- Configure the login notifier event manager -->
   <session-event-handler className="examples.service.RoleLoginNotifier">
      <param-list>
         <param name="fromAddress" value="user@mycompany.com"/>
         <param name="msgSubject" value="Security Domain Login"/>
         <param name="roleName" value="myrole"/>
      </param-list>
   </session-event-handler>
</session-manager-service>

...

<!-- Register services accessible within this security domain -->
<service-manager className="com.cafesoft.core.service.StandardServiceManager">

  ...
   <!-- Register a text notifier service -->
   <service id="email-text-notifier-service" enabled="true" debug="false">
      <service-type>examples.service.TextNotifierService</service-type>
      <service-class>examples.service.SmtpTextNotifierService</service-class>
      <param-list>
         <param name="smtp.host" value="mymailhost.mycompany.com"/>
         <param name="smtp.to" value="user@mycompany.com"/>
      </param-list>
   </service>
</service-manager>

Example 2 - Register the RoleLoginNotifier and TextNotifierService example within a security domain


Have a Question?

Have a how-to question? Seeing a weird error? Contact us.

Found a bug? Submit a support ticket.

Have a product idea or request? Share it with us in our Ideas Portal.