HttpSessionCategoryIntegrationFilter.java

package org.beanfuse.security.monitor.filters;

import javax.servlet.http.HttpSession;

import org.beanfuse.security.Authentication;
import org.beanfuse.security.UserDetails;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public class HttpSessionCategoryIntegrationFilter implements HttpSessionIntegrationFilter {
	private final static Logger logger = LoggerFactory
			.getLogger(HttpSessionCategoryIntegrationFilter.class);

	public void register(HttpSession session, Authentication auth) {
		logger.debug(
				"add session security attribute USERID,LOGINNAME,USERNAME,USER_CATEGORYID for {}",
				auth.getPrincipal());
		UserDetails details = (UserDetails) auth.getDetails();
		session.setAttribute(Authentication.USERID, details.getUserid());
		session.setAttribute(Authentication.LOGINNAME, auth.getPrincipal());
		session.setAttribute(Authentication.FULLNAME, details.getFullname());
		session.setAttribute(Authentication.USER_CATEGORYID, details.getCategory().getId());
	}

	public void clear(HttpSession session) {
		logger.debug("clean session security attribute USERID,LOGINNAME,USERNAME,USER_CATEGORYID");
		session.removeAttribute(Authentication.USERID);
		session.removeAttribute(Authentication.LOGINNAME);
		session.removeAttribute(Authentication.FULLNAME);
		session.removeAttribute(Authentication.USER_CATEGORYID);
	}
}