如何在jetspeed中设置用户信息?
我们在一个项目中使用 Jetspeed,并要求 jetspeed 应针对第三方休息服务进行身份验证,该服务接受用户名和密码并返回用户对象。
我发现实现这一点而又不会过多影响 jetspeed 的最简单、最直接的方法是编写一个自定义 AuthenticationProvider 来扩展 DefaultAuthenticationProvider 类并覆盖登录方法。
在对用户进行身份验证后,我会返回用户详细信息,包括角色、电子邮件等。现在,如果用户已存在于 jetspeed 数据库中,我会同步他的角色,否则我会创建用户并为他分配远程服务返回的角色。
现在我也想要一种设置 user.email、user.firstname 和 user.lastname 属性的方法,以便可以在 psml 文件中使用 $jetspeed.getUserAttribute 访问它。知道我们该怎么做吗?
这是我的代码[删除不必要的东西] --
public class CustomAuthenticationProvider extends BaseAuthenticationProvider {
....
public AuthenticatedUser authenticate(String userName, String password) throws SecurityException {
try {
//Login the user
UserSessionDTO customSession = Security.login(userName, password);
//Fetch the user details
UserDTO customUser = customSession.getUser();
//Get the user roles
List<UserRoleDTO> roles = customUser.getUserRoleDTOList();
//Verify/create the user in jetspeed user database
UserImpl user = null;
if (!um.userExists(customUser.getLoginId())) {
user = (UserImpl) um.addUser(customUser.getLoginId(), true);
//Standard data
user.setMapped(true);
user.setEnabled(true);
} else {
user = (UserImpl) um.getUser(customUser.getLoginId());
}
//Sync the portal user roles with the CMGI user roles
List<Role> portalRoles = rm.getRolesForUser(customUser.getLoginId());
for (Role portalRole : portalRoles) {
Boolean found = Boolean.FALSE;
for (UserRoleDTO role : roles) {
if (role.getRoleName().equalsIgnoreCase(portalRole.getName())) {
found = Boolean.TRUE;
break;
}
}
if(!found){
rm.removeRoleFromUser(userName, portalRole.getName());
}
}
for(UserRoleDTO role : roles){
rm.addRoleToUser(userName, role.getRoleName());
}
PasswordCredential pwc = new PasswordCredentialImpl(user, password);
UserCredentialImpl uc = new UserCredentialImpl(pwc);
AuthenticatedUserImpl authUser = new AuthenticatedUserImpl(user, uc);
return authUser;
}
.... } }
We are using Jetspeed in a project and have a requirement that jetspeed should authenticate against a third party rest service which accepts username and password and returns back the User Object.
The most simplest and straightforward way I found of implementing this without effecting jetspeed too much was to write a custom AuthenticationProvider extending the DefaultAuthenticationProvider class and overriding the login method.
After I authenticate the user I get back the User details including roles, email, etc. Now if the user already exists in jetspeed database, I sync his roles, else I create the user and assign him the roles returned by the remote service.
Now I want a way to set the user.email, user.firstname and user.lastname properties too, so that it is accessible using $jetspeed.getUserAttribute in the psml files. Any idea how can we do this?
Here is my code [cut out unnecessary stuff] --
public class CustomAuthenticationProvider extends BaseAuthenticationProvider {
....
public AuthenticatedUser authenticate(String userName, String password) throws SecurityException {
try {
//Login the user
UserSessionDTO customSession = Security.login(userName, password);
//Fetch the user details
UserDTO customUser = customSession.getUser();
//Get the user roles
List<UserRoleDTO> roles = customUser.getUserRoleDTOList();
//Verify/create the user in jetspeed user database
UserImpl user = null;
if (!um.userExists(customUser.getLoginId())) {
user = (UserImpl) um.addUser(customUser.getLoginId(), true);
//Standard data
user.setMapped(true);
user.setEnabled(true);
} else {
user = (UserImpl) um.getUser(customUser.getLoginId());
}
//Sync the portal user roles with the CMGI user roles
List<Role> portalRoles = rm.getRolesForUser(customUser.getLoginId());
for (Role portalRole : portalRoles) {
Boolean found = Boolean.FALSE;
for (UserRoleDTO role : roles) {
if (role.getRoleName().equalsIgnoreCase(portalRole.getName())) {
found = Boolean.TRUE;
break;
}
}
if(!found){
rm.removeRoleFromUser(userName, portalRole.getName());
}
}
for(UserRoleDTO role : roles){
rm.addRoleToUser(userName, role.getRoleName());
}
PasswordCredential pwc = new PasswordCredentialImpl(user, password);
UserCredentialImpl uc = new UserCredentialImpl(pwc);
AuthenticatedUserImpl authUser = new AuthenticatedUserImpl(user, uc);
return authUser;
}
....
}
}
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您可以在 security-managers.xml 中的 Jetspeed 用户 bean“org.apache.jetspeed.security.JetspeedPrincipalType.user”中添加自定义用户属性。
这些属性应该这样定义
例如
You can add custom user attributes in Jetspeed user bean "org.apache.jetspeed.security.JetspeedPrincipalType.user" located in security-managers.xml.
These attributes should be defined like this
e.g