Hello,
we are running SAP WebAS 6.40 with EP6 SP11. We have our user repository in LDAP and want to allow our customers to log in via uniquename as well as displayname. But later on after login the uniquename should be set in the login ticket. so my thought was to create an OPTIONAL Login Module which checks the given j_user string, if it equals the displayname. I put the Login Module in the existing login stack "ticket" at the first place. If the displayname check succeeds, the according uniquename should be used for further login process in stack "ticket". I refresh the user, put it in shared state but the login fails if i take the displayname for the login.
Here is a code snippet of my login module:
********************************************************
HttpGetterCallback getterCallback = new HttpGetterCallback();
getterCallback.setType(HttpCallback.REQUEST_PARAMETER);
getterCallback.setName("j_user");
try {
_callbackHandler.handle(new Callback[] { getterCallback });
} catch (UnsupportedCallbackException e) {
return false;
} catch (IOException e) {
throwUserLoginException(e, LoginExceptionDetails.IO_EXCEPTION);
}
String[] requestParameters = (String[]) getterCallback.getValue();
if ((requestParameters != null) && requestParameters.length > 0) {
givenName = requestParameters[0];
loc.debugT("Given j_user string: " + givenName);
}
if (givenName == null) {
throwNewLoginException("No username provided.");
}
loc.infoT("Checking for Displayname");
//Check via IUser, if the given j_user String equals
//the the Attribute Displayname.
IUserFactory uf = UMFactory.getUserFactory();
try {
IUserSearchFilter usf = uf.getUserSearchFilter();
usf.setDisplayName(givenName, ISearchAttribute.EQUALS_OPERATOR, false);
/*usf.setSearchAttribute(
"",
"diplayName",
givenName,
ISearchAttribute.EQUALS_OPERATOR,
true);*/
ISearchResult usr = uf.searchUsers(usf);
IUser user = null;
if (usr.size() > 1) {
loc.debugT("Given j_user " + givenName + " is not unique");
this.logonID = givenName;
throw new SecurityException();
} else if (usr.size() == 0) {
loc.debugT("Given j_user " + givenName + " is no displayname, using it for further logon process.");
this.logonID = givenName;
} else if (usr.size() == 1) {
user = uf.getUser((String) usr.next());
IUserAccount ua[] = user.getUserAccounts();
logonID = ua[0].getLogonUid();
loc.debugT("Found Logon ID: " + logonID + ", using this for further logon process");
}
loc.debugT("Final Logon ID: " + logonID);
} catch (UMException e) {
loc.errorT(METHOD, "Unable to get UserSearchFilter");
}
try {
loc.infoT("Refreshing user.");
refreshUserInfo(logonID);
loc.debugT("User after refresh is: " + logonID);
} catch (SecurityException e) {
throwUserLoginException(e);
}
if (_sharedState.get(AbstractLoginModule.NAME) == null) {
loc.infoT("Putting logon ID into shared state.");
_sharedState.put(AbstractLoginModule.NAME, logonID);
}
Is there anything missing?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.