Good way to make Authentication and Authorization information available between application layers

Posted by DutrowLLC on Stack Overflow See other posts from Stack Overflow or by DutrowLLC
Published on 2010-05-16T19:46:32Z Indexed on 2010/05/16 19:50 UTC
Read the original article Hit count: 307

I have a web application running on Google App Engine (GAE) for JAVA. I'm authenticating the client at the Servlet layer but would like to make the client information available to my business and data layers without having to pass the client object through the arguments of every single function.

I'm considering setting up a "session" type object using ThreadLocal. That way any function can just say something like:

CurrentUser.getRoles();

Is this a good way to do this or is there something else that is a more accepted solution?

Thanks!

© Stack Overflow or respective owner

Related posts about session

Related posts about google-app-engine