Re: User.getAttribute("userPassword") not work without LDAP
Web Server forum
Back To The Forum Home!Search!Private Messaging System
Visit your User Control Panel!Register your FREE username now!Visit Our Calendar!View the Member List!Faqs!Search our Forums!

Web Server Talk Web Server Talk > Web Servers reviews > WebSphere > WebSphere Portal Server > Re: User.getAttribute("userPassword") not work without LDAP




  Last Thread   Next Thread Next
  Show Printable Version Email this Page Subscribe to this Thread      Post New Thread    Post A Reply      

    Re: User.getAttribute("userPassword") not work without LDAP  


View Ip Address Report This Message To A Moderator Edit/Delete Message


 
09-16-06 06:48 PM

> Hi,
> I too need the solution to get the user password. But
> I need before login to implement Forgot Password
> functionality.
>
> If anyone give me the solution  that would be great.
>
> Thanks in Advance.
> Regds,
> Hari

ON Portal 5.1.0.2 I managed to get user's password inside Portal.

IBM helped me. I created a Custom JAAS Login Module, where I had access to t
he password, stored the password on an object called WSSubject and read it a
gain inside Portal. After that I stored the password on the vault.

In order to get it working you have to read about adding custom JAAS modules
.


Here my custom JAAS login module (configured on WAS 6.0 console).

/*
* Created on 10/Jul/2006
*
* TODO To change the template for this generated file go to
* Window - Preferences - Java - Code Style - Code Templates
*/
package com.global_seguros.jaas.ssologinmodule;

import java.util.*;
import javax.security.auth.*;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.security.auth.spi.*;

/**
* @author cilvc
*
* TODO To change the template for this generated type comment go to
* Window - Preferences - Java - Code Style - Code Templates
*/
public class CustomLoginModule implements LoginModule {

// initial state
private Subject subject;
private CallbackHandler callbackHandler;
private Map sharedState;
private Map options;
// the authentication status
private boolean succeeded = false;
private boolean commitSucceeded = false;
// username and password
private String username;
private String password;

public void initialize(Subject subject, CallbackHandler callbackHandler, Map
 sharedState, Map options) {
this.subject = subject;
this.callbackHandler = callbackHandler;
this.sharedState = sharedState;
this.options = options;
}


public boolean login() throws LoginException {
// prompt for a user name and password
if (callbackHandler == null) throw new LoginException("Error: no CallbackHan
dler available!");

Callback[] callbacks = new Callback[2];

callbacks[0] = new NameCallback("user name: ");

callbacks[1] = new PasswordCallback("password: ", false);

try {
callbackHandler.handle(callbacks);
username = ((NameCallback) callbacks[0]).getName();
password = new String(((PasswordCallback) callbacks[1]).getPassword());
((PasswordCallback) callbacks[1]).clearPassword();
}
catch (java.io.IOException ioe) {
throw new LoginException(ioe.toString());
}
catch (UnsupportedCallbackException uce) {
throw new LoginException("Error: " + uce.getCallback().toString());
}

System.out.println(" ########################################
##############")
;
System.out.println("################## LOGIN() SUCCESSFUL!!!");
System.out.println(" ########################################
##############")
;

succeeded = true;
return true;
}


public boolean commit() throws LoginException {
if (succeeded == false) {
return false;
}
else {

System.out.println(" ########################################
##############")
;

subject.getPublicCredentials().add("user_" + username);
subject.getPublicCredentials().add("password_" + password);
System.out.println("######################### SAVED credentials to Subject P
UBLIC ");

System.out.println(" ########################################
##############")
;

System.out.println("");

System.out.println(" ########################################
##############")
;
System.out.println("################## COMMIT() SUCCESSFUL!!!");
System.out.println(" ########################################
##############")
;

username = null;
password = null;
commitSucceeded = true;
return true;
}
}


public boolean abort() throws LoginException {
if (succeeded == false) {
return false;
}
else
if (succeeded == true && commitSucceeded == false) {
// login succeeded but overall authentication failed
succeeded = false;
username = null;
password = null;
}
else {
// overall authentication succeeded and commit succeeded, but someone else's
 commit failed
logout();
}
System.out.println(" ########################################
##############")
;
System.out.println("################## ABORT() SUCCESSFUL!!!");
System.out.println(" ########################################
##############")
;
return true;
}

public boolean logout() throws LoginException {
subject.getPublicCredentials().remove(String.class);
succeeded = false;
succeeded = commitSucceeded;
username = null;
password = null;
System.out.println(" ########################################
##############")
;
System.out.println("################## LOG OUT() SUCCESSFUL!!!");
System.out.println(" ########################################
##############")
;
return true;
}
}




Here's the code for reading the password inside a Portal's Portlet

/**
* @see org.apache.jetspeed.portlet.PortletAdapter#doView(PortletRequest, Por
tletResponse)
*/
public void doView(PortletRequest request, PortletResponse response) throws 
PortletException, IOException {
// Check if portlet session exists
SingleSignOnWithVaultPortletSessionBean sessionBean = getSessionBean(request
);
if( sessionBean==null ) {
response.getWriter().println("<b>NO PORTLET SESSION YET</b>");
return;
}


Subject subj = null;
String sTempInfo = null;
String sUser = null;
String sPassword = null;

try {
subj = WSSubject.getCallerSubject();
}
catch (WSSecurityException e) {
//			throw new NoCurrentUserException("Could not get WSSubject got exception
", e);
System.out.println("Error...: " + "Could not get WSSubject got exception" + 
e.getMessage());
}

if (subj != null) {

Set credSet = subj.getPublicCredentials(String.class);

if (credSet == null) {
// throw new NoCurrentUserException("PRIVATE CREDENTIALS are NULL"); // My o
wn exception
System.out.println("Error...: " + "Strings are NULL");
}
if (credSet.size() < 1) {
// throw new NoCurrentUserException("No private credentials on WSSubject. Si
ze is "+ credSet.size());
System.out.println("Error...: " + "No Strings on WSSubject. Size is "+ credS
et.size());
}

System.out.println(" ========================================
================
=====");

for (Iterator iterator = credSet.iterator(); iterator.hasNext();) {

sTempInfo = (String) iterator.next();

if ( sTempInfo.indexOf("user_") >= 0 ){
sUser = sTempInfo.substring( sTempInfo.indexOf("user_") + "user_".length(), 
sTempInfo.length() );
}

if ( sTempInfo.indexOf("password_") >= 0 ){
sPassword = sTempInfo.substring(sTempInfo.indexOf("password_") + "password_"
.length() , sTempInfo.length() );
}


}


// System.out.println("sUser......: " + sUser.trim() );
// System.out.println("sPassword..: " + sPassword.trim() );


if (sUser != null ) {
if (sPassword != null ){
if ( request != null ) {
if ( sessionBean != null ){
 SingleSignOnWithVaultPortletSecretManage
r.setCredential(request, sessionBean
, sUser, sPassword);
}
else{
System.out.println("Session Bean NULL");
 SingleSignOnWithVaultPortletSecretManage
r.setCredential(request, sessionBean
, "No User", "No Password");
}
}
else{
System.out.println("Request NULL");
 SingleSignOnWithVaultPortletSecretManage
r.setCredential(request, sessionBean
, "No User", "No Password");
}
}
else{
System.out.println("sPassword NULL");
 SingleSignOnWithVaultPortletSecretManage
r.setCredential(request, sessionBean
, "No User", "No Password");
}
}
else{
System.out.println("sUser NULL");
 SingleSignOnWithVaultPortletSecretManage
r.setCredential(request, sessionBean
, "No User", "No Password");
}
System.out.println(" ========================================
================
=====");
}




// Retrieve user credentials
StringBuffer userId = new StringBuffer("");
StringBuffer password = new StringBuffer("");
try {
 SingleSignOnWithVaultPortletSecretManage
r.getCredential(request,sessionBean,
userId, password);
}
catch( Exception e ) {
if( getPortletLog().isWarnEnabled() )
getPortletLog().warn("Warning on  SingleSignOnWithVaultPortletSecretManage
r.g
etCredential(): "+e.getMessage());
}
// Portlet should use userId/password to log in to the backend systems on be
half of the user.
// Show curent userId/password on the portal page at this time.

// Set current userId/password in the view mode bean
request.setAttribute(USERID,userId.toString());
request.setAttribute(PASSWORD,password.toString());

// Invoke the JSP to render
getPortletConfig().getContext(). include(VIEW_JSP+getJspExtension(request
), r
equest, response);
}

Hope it helps




[ Post a follow-up to this message ]



    Sponsored Links  




 



   All times are GMT. The time now is 03:59 AM.      Post New Thread    Post A Reply      
  Last Thread   Next Thread Next


Most Popular forums 
Apache Server MySQL for Windows Sendmail
Red Hat Networking SuSe Linux Debian Linux
FreeBSD administration Sun Solaris administration Unix Shell programming
WebSphere Portal Server Exchange 2000 administration PostgreSQL administration
Linux Security Computer Security Firewalls

Forum Jump:
Rate This Thread:

Forum Rules:
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts 		HTML code is OFF
vB code is ON
Smilies are ON
[IMG] code is OFF
 
Medical and Health forum | Computer Games Reviews | Graphics design forum

Back To The Top
Home | Usercp | Faq | Register