[Esapi-dev] DataBase based Authentication using ESAPI

Majji trinada.rao at gmail.com
Wed Sep 11 18:53:26 UTC 2013


Hi Kevin/Chris,

I'm new to ESAPI and able to implement Database based Authentication in my
current project. I'm able to successfully log in but when tried to logout,
the *getCurrentUser()* returning Anonymous user.

public void logout() {
        *User user = getCurrentUser();*
        if (user != null && !user.isAnonymous()) {
            user.logout();
        }
    }

When user logged in, setting setCurrentUser() which internally call below
code

private final ThreadLocalUser currentUser = new ThreadLocalUser();

    private class ThreadLocalUser extends InheritableThreadLocal<User> {

        public User initialValue() {
            return User.ANONYMOUS;
        }

        public User getUser() {
            return super.get();
        }

        public void setUser(User newUser) {
            super.set(newUser);
        }
    }

Please help.

-- 
Thanks and Regards
Trinada R. Majji
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/esapi-dev/attachments/20130911/f1556588/attachment.html>


More information about the Esapi-dev mailing list