R.T.H.Chin wrote:
Hi,
I am developing some portlets for Jetspeed1.6 according to the Java
Portlet Specification. Everything works fine except for one thing: I
cannot get the username of the client. These all return null:
request.getAuthType();
request.getRemoteUser();
request.getUserPrincipal();
You need to configure a JAASSessionValidator
org.apache.jetspeed.modules.actions.JAASSessionValidator
Here are the instructions from the javadocs:
/**
* JAAS Session validator populates the Jetspeed User via the
servlet.getUserPrincipal() call
* When using this session validator, Authentication is delegated to
the Application Server.
* Recommend disabling all user login functionality via Jetspeed, and
using your web.xml
* to protect access to all Jetspeed resources (place after
resource-ref or welcome-file-list:
*
* <security-constraint>
* <display-name>Jetspeed Security</display-name>
* <web-resource-collection>
* <web-resource-name>Protected Area</web-resource-name>
* <!-- Define the context-relative URL(s) to be protected -->
* <url-pattern>/*</url-pattern>
*
* <!-- If you list http methods, only those methods are protected -->
* <http-method>DELETE</http-method>
* <http-method>GET</http-method>
* <http-method>POST</http-method>
* <http-method>PUT</http-method>
* </web-resource-collection>
* <auth-constraint>
* <!-- Anyone with one of the listed roles may access this area -->
* <role-name>user</role-name>
* <role-name>admin</role-name>
* </auth-constraint>
*
* <!--
* <user-data-constraint>
* <transport-guarantee>CONFIDENTIAL</transport-guarantee>
* </user-data-constraint>
* -->
* </security-constraint>
*
* <login-config>
* <auth-method>BASIC</auth-method>
* <realm-name>Jetspeed BASIC Authentication</realm-name>
* </login-config>
*
* <!-- Default login configuration uses form-based authentication -->
* <!--
* <login-config>
* <auth-method>FORM</auth-method>
* <realm-name>Example Form-Based Authentication Area</realm-name>
* <form-login-config>
*
<form-login-page>/jsp/security/protected/login.jsp</form-login-page>
*
<form-error-page>/jsp/security/protected/error.jsp</form-error-page>
* </form-login-config>
* </login-config>
* -->
*
* <!-- Security roles referenced by this web application -->
* <security-role>
* <role-name>admin</role-name>
* </security-role>
* <security-role>
* <role-name>user</role-name>
* </security-role>
* <security-role>
* <role-name>guest</role-name>
* </security-role>
*
* Place the following the the servlet element where the Turbine
servlet is defined:
*
* <security-role-ref>
* <role-name>user</role-name> <!--passed to isUserInRole()-->
* <role-link>user</role-link> <!--Jetspeed role name-->
* </security-role-ref>
*
* <security-role-ref>
* <role-name>admin</role-name>
* <role-link>admin</role-link>
* </security-role-ref>
*
* <security-role-ref>
* <role-name>guest</role-name>
* <role-link>guest</role-link>
* </security-role-ref>
*
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
