Multi-country polymer site

lenny · August 9, 2018, 9:47pm

Refer to my polymer-based site https://betwise.pro/
I would like to display country-specific entity records based on the country selected by user in the website. By default the selected country should be the country the user is accessing the website from based on IP address. To achieve this I have implemented single-database multi-tenancy through access groups, where each country represents a tenant as follows:
Company
– Countries
------ Kenya
------ Uganda
------ South Africa

This approach works well for a private site where users have to login, and a session attribute ‘country’ is automatically set based on the access group ‘country’ they belong. However my site is publicly accessed, that is it uses anonymous user login when users access it without logging in.
My challenge is how to make sure users who publicly access the website from various countries get their session attribute initially set to their country, but still allowing the user to switch the country, which is useful in case where someone is accessing the site from abroad but still want to view data for their country of origin.

This is what I have done so far in addition to implementing multi-tenancy:

I have put the Anonymous user at the ‘Countries’ access group above the countries.
I have put a drop-down menu element inside the polymer shell page to display list of countries as follows:

            <paper-dropdown-menu id="countryMenu" class="custom" label="Select Country" dynamic-align=true horizontal-align="right">
              <paper-listbox slot="dropdown-content" attr-for-selected="value" selected="{{country}}" on-selected-item-changed="_setCountrySessionVariable" >
               <paper-item value="Kenya" >Kenya</paper-item>
                <paper-item value="Uganda" >Uganda</paper-item>
                <paper-item value="Zambia" >Zambia</paper-item>
                <paper-item value="South Africa" >South Africa</paper-item>
              </paper-listbox>
            </paper-dropdown-menu>

My specific questions are

How to set the selected country to user’s country by default
How to set the ‘country’ user session attribute of Anonymous user dynamically when user switches the country in the polymer page.

minaev · August 10, 2018, 1:07pm

Hi, the main issue here is that the anonymous users share the same middleware [anonymous] session. So in order to have different session attributes for different groups of anonymous users we have to create several middleware sessions (e.g. one for each group).

In order to achieve this you can do the following:

Create anonymous users for each country, (e.g. kenya-anonymous). Double check that restrictive role and access group are assigned to each user.
Override default cuba_AnonymousAuthenticationFilter bean. In order to do this:

create CustomAnonymousAuthenticationFilter class.
create rest-dispatcher-spring.xml in web/portal module with the following contents:

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:context="http://www.springframework.org/schema/context"
       xmlns:security="http://www.springframework.org/schema/security"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.3.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.3.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.2.xsd">

    <bean id="cuba_AnonymousAuthenticationFilter"
          class="com.company.example.rest.CustomAnonymousAuthenticationFilter"/>

</beans>

register config in web-app.properties/portal.properties:

cuba.restSpringContextConfig = +com/company/demo/rest-dispatcher-spring.xml

Implement CustomAnonymousAuthenticationFilter so that it will create and reuse appropriate anonymous session e.g. in depend on request header. You can use AuthenticationService/TrustedClientCredentials to log-in anonymous user.

Unfortunately currently it’s not easy to intervene to all requests to rest api made by Polymer client so that you can pass selected country as header. But there is an issue for that. Let me know if it’s viable solution for you so that we can prioritize the issue above.

lenny · August 11, 2018, 5:09pm

Thank Vlad for the quick response. Let me try this approach and will revert back soon.

lenny · August 11, 2018, 5:41pm

Yes please prioritize resolution of issue:“Provide an ability to intercept requests/responses” as it will be useful for my case.