Having trouble understanding the flow of spring social aroung ConnectionRepository

[highjo]

Hello gurus!

i've just started an integration between my web app using already apache shiro with this spring social 1.0.2.
I've seen some of the example with the JPA implementation of the ConnectionRepository an UsersConnectionRepository. i've started studing the applicaitoncontext in the documentation and i've noticed the
"#{request.userPrincipal.name}" part of the following code:

Code:

<bean id="connectionRepository" factory-method="createConnectionRepository"
factory-bean="usersConnectionRepository" scope="request">
<constructor-arg value="#{request.userPrincipal.name}" />
<aop:scoped-proxy proxy-target-class="false" />
</bean>

so one of my questions is that at which point the ConnectionRepository is created? i mean
taking a scenario of a login where the user is not an existing user on my system.
my chalenge lies in providing the userId (email) to the createConnectionReopository method of the UsersConnectionRepository from the application context .

thanks for reading this

[habuma]

The connection factory is a request-scoped bean, so it is created at request-time for the currently signed in user. (That's why its constructor-arg...which is fed into the createConnectionRepository() method of the usersConnectionRepository bean...is given a value to uniquely identify the current user.

In the code you pasted in, the uniquely identifying value is the name of the user principal. But it could be anything, depending on what security mechanism you're using...we don't tie you down to any specific security framework, but you must provide a value here that identifies the current user from whatever security framework you have in place.

So, my question to you is: How can you, at request time, know who the current user is? You say it's their email address. That's fine, but how would you know what that is? If you were writing a Spring MVC controller and wanted to get the user's email address from the request, how would you do that? The answer to that question is likely the same answer for what you'd wire in for the user ID (using an appropriate SpEL expression if in XML or through other means if you configure this in JavaConfig).

[highjo]

Hello ,


Thanks for replying. i have a clearer understanding. so this is what i understand ConnectionRepository is needed when there is a need to store a connection right:

case signup with ProviderSignController
from what you 've written i understand that it's the scenario of a linking of actual current user of my webapp (presuming that user had already an account with my existing webapp) to his external account with a provider(facebook/twitter etc)
at that point i understand there is a user already authenticated hence the wording current user.

what am not getting is how that scenario of getting the current user fit in a case where it's a fresh user who does not own an account at all? excuse me if all these questions are boring or too beginner like.

thanks for reading and helping out

[habuma]

The "current user" doesn't have to actually hold an account. But there must be some notion of a user in play or else who would you be creating the connection for?

One example that you may want to look at is the Spring Social Quickstart sample. That app doesn't maintain any database of users, but it does use ProviderSignInController to identify who the user is and create an implicit account with an associated connection. But no user has to register to the app or anything like that.