Hi all,
I have an application which is in development stage. When we started we didn't designed it for security(user authentication). The sad thing happened is security was introduced in the later stage.
There came the complication.
Somehow the session facade in my app will know the the user credentials. This information has to be communicated to the database layer(the bottom most layer) each and every time we do a transaction. In between the session facade and the database we have core classes which perform the business, these clases were maintained by different people. The order from the lead is without any effect on these core business classes, I have to communicate to the database layer the user credentials so that we use it later for audit purpose.
I have planned the following strategy.
Whenever some end user(the client tier) hit the session facade I am updating a static hashmap in some class with the key as the current
thread hashcode and the value as the user credentials. So when the control of the business process(after passing through the core business classes) reaches the database layer I will query the hash map with the current threads hashcode and get the user credentials.
What my question is will the thread hash code is same at the both ends i.e the thread which stated the business execution at the session facade is responsible for completing the proces s Or it can handover the execution to some other thread in its way. Is it reliable to use current thread hashcode??
I've read somewhere that we should not use threading issues in coding
EJB's. In such a case suggest me an approch to tackel the above problem.
Is Refactoring must? :-(
Thanks in advance
Vydeek