|
| > Hi,
> I too need the solution to get the user password. But
> I need before login to implement Forgot Password
> functionality.
>
> If anyone give me the solution that would be great.
>
> Thanks in Advance.
> Regds,
> Hari
ON Portal 5.1.0.2 I managed to get user's password inside Portal.
IBM helped me. I created a Custom JAAS Login Module, where I had access to the password, stored the password on an object called WSSubject and read it again inside Portal. After that I stored the password on the vault.
In order to get it working you have to read about adding custom JAAS modules.
Here my custom JAAS login module (configured on WAS 6.0 console).
/*
* Created on 10/Jul/2006
*
* TODO To change the template for this generated file go to
* Window - Preferences - Java - Code Style - Code Templates
*/
package com.global_seguros.jaas.ssologinmodule;
import java.util.*;
import javax.security.auth.*;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.security.auth.spi.*;
/**
* @author cilvc
*
* TODO To change the template for this generated type comment go to
* Window - Preferences - Java - Code Style - Code Templates
*/
public class CustomLoginModule implements LoginModule {
// initial state
private Subject subject;
private CallbackHandler callbackHandler;
private Map sharedState;
private Map options;
// the authentication status
private boolean succeeded = false;
private boolean commitSucceeded = false;
// username and password
private String username;
private String password;
public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) {
this.subject = subject;
this.callbackHandler = callbackHandler;
this.sharedState = sharedState;
this.options = options;
}
public boolean login() throws LoginException {
// prompt for a user name and password
if (callbackHandler == null) throw new LoginException("Error: no CallbackHandler available!");
Callback[] callbacks = new Callback[2];
callbacks[0] = new NameCallback("user name: ");
callbacks[1] = new PasswordCallback("password: ", false);
try {
callbackHandler.handle(callbacks);
username = ((NameCallback) callbacks[0]).getName();
password = new String(((PasswordCallback) callbacks[1]).getPassword());
((PasswordCallback) callbacks[1]).clearPassword();
}
catch (java.io.IOException ioe) {
throw new LoginException(ioe.toString());
}
catch (UnsupportedCallbackException uce) {
throw new LoginException("Error: " + uce.getCallback().toString());
}
System.out.println(" ########################################
##############");
System.out.println("################## LOGIN() SUCCESSFUL!!!");
System.out.println(" ########################################
##############");
succeeded = true;
return true;
}
public boolean commit() throws LoginException {
if (succeeded == false) {
return false;
}
else {
System.out.println(" ########################################
##############");
subject.getPublicCredentials().add("user_" + username);
subject.getPublicCredentials().add("password_" + password);
System.out.println("######################### SAVED credentials to Subject PUBLIC ");
System.out.println(" ########################################
##############");
System.out.println("");
System.out.println(" ########################################
##############");
System.out.println("################## COMMIT() SUCCESSFUL!!!");
System.out.println(" ########################################
##############");
username = null;
password = null;
commitSucceeded = true;
return true;
}
}
public boolean abort() throws LoginException {
if (succeeded == false) {
return false;
}
else
if (succeeded == true && commitSucceeded == false) {
// login succeeded but overall authentication failed
succeeded = false;
username = null;
password = null;
}
else {
// overall authentication succeeded and commit succeeded, but someone else's commit failed
logout();
}
System.out.println(" ########################################
##############");
System.out.println("################## ABORT() SUCCESSFUL!!!");
System.out.println(" ########################################
##############");
return true;
}
public boolean logout() throws LoginException {
subject.getPublicCredentials().remove(String.class);
succeeded = false;
succeeded = commitSucceeded;
username = null;
password = null;
System.out.println(" ########################################
##############");
System.out.println("################## LOG OUT() SUCCESSFUL!!!");
System.out.println(" ########################################
##############");
return true;
}
}
Here's the code for reading the password inside a Portal's Portlet
/**
* @see org.apache.jetspeed.portlet.PortletAdapter#doView(PortletRequest, PortletResponse)
*/
public void doView(PortletRequest request, PortletResponse response) throws PortletException, IOException {
// Check if portlet session exists
SingleSignOnWithVaultPortletSessionBean sessionBean = getSessionBean(request);
if( sessionBean==null ) {
response.getWriter().println("<b>NO PORTLET SESSION YET</b>");
return;
}
Subject subj = null;
String sTempInfo = null;
String sUser = null;
String sPassword = null;
try {
subj = WSSubject.getCallerSubject();
}
catch (WSSecurityException e) {
// throw new NoCurrentUserException("Could not get WSSubject got exception", e);
System.out.println("Error...: " + "Could not get WSSubject got exception" + e.getMessage());
}
if (subj != null) {
Set credSet = subj.getPublicCredentials(String.class);
if (credSet == null) {
// throw new NoCurrentUserException("PRIVATE CREDENTIALS are NULL"); // My own exception
System.out.println("Error...: " + "Strings are NULL");
}
if (credSet.size() < 1) {
// throw new NoCurrentUserException("No private credentials on WSSubject. Size is "+ credSet.size());
System.out.println("Error...: " + "No Strings on WSSubject. Size is "+ credSet.size());
}
System.out.println(" ========================================
=====================");
for (Iterator iterator = credSet.iterator(); iterator.hasNext();) {
sTempInfo = (String) iterator.next();
if ( sTempInfo.indexOf("user_") >= 0 ){
sUser = sTempInfo.substring( sTempInfo.indexOf("user_") + "user_".length(), sTempInfo.length() );
}
if ( sTempInfo.indexOf("password_") >= 0 ){
sPassword = sTempInfo.substring(sTempInfo.indexOf("password_") + "password_".length() , sTempInfo.length() );
}
}
// System.out.println("sUser......: " + sUser.trim() );
// System.out.println("sPassword..: " + sPassword.trim() );
if (sUser != null ) {
if (sPassword != null ){
if ( request != null ) {
if ( sessionBean != null ){
SingleSignOnWithVaultPortletSecretManage
r.setCredential(request, sessionBean, sUser, sPassword);
}
else{
System.out.println("Session Bean NULL");
SingleSignOnWithVaultPortletSecretManage
r.setCredential(request, sessionBean, "No User", "No Password");
}
}
else{
System.out.println("Request NULL");
SingleSignOnWithVaultPortletSecretManage
r.setCredential(request, sessionBean, "No User", "No Password");
}
}
else{
System.out.println("sPassword NULL");
SingleSignOnWithVaultPortletSecretManage
r.setCredential(request, sessionBean, "No User", "No Password");
}
}
else{
System.out.println("sUser NULL");
SingleSignOnWithVaultPortletSecretManage
r.setCredential(request, sessionBean, "No User", "No Password");
}
System.out.println(" ========================================
=====================");
}
// Retrieve user credentials
StringBuffer userId = new StringBuffer("");
StringBuffer password = new StringBuffer("");
try {
SingleSignOnWithVaultPortletSecretManage
r. getCredential(request,sessionBean,userId
, password);
}
catch( Exception e ) {
if( getPortletLog().isWarnEnabled() )
getPortletLog().warn("Warning on SingleSignOnWithVaultPortletSecretManage
r.getCredential(): "+e.getMessage());
}
// Portlet should use userId/password to log in to the backend systems on behalf of the user.
// Show curent userId/password on the portal page at this time.
// Set current userId/password in the view mode bean
request.setAttribute(USERID,userId.toString());
request.setAttribute(PASSWORD,password.toString());
// Invoke the JSP to render
getPortletConfig().getContext(). include(VIEW_JSP+getJspExtension(request
), request, response);
}
Hope it helps
|
|