Skip to Content
author's profile photo Former Member
Former Member

Howto log user if i know userID and passwd

Hi,

i need to make some iview which can be viewed with an anonymouse user and this user has to have possibility to authenticate himself from this iview. Is there any possibility to log user from java code without redirecting to login page(forceLogginUser)-in case if it is not possible what is the best way to store data which user filled in before?

thanks JJ

PS: I found out that i should propably use method logon from interface ILogonAuthentication but i dont know how can i send that userId and passwd. Shoud i use uidpwdlogon

authentication scheme and put in a request that parameters?

Add a comment
10|10000 characters needed characters exceeded

Related questions

1 Answer

  • Best Answer
    Posted on Jan 31, 2005 at 11:23 AM

    Hi JJ,

    see JavaDoc for the logon method, https://media.sdn.sap.com/javadocs/NW04/SP9/ume/com/sap/security/api/logon/ILogonAuthentication.html

    "The standard mechanism does the following: Looks up for the parameter j_user and j_password (pls. see the constants ILoginConstants.LOGON_UID_ALIAS and ILoginConstants.LOGON_PWD_ALIAS) in the servlet request and uses them for logon against the user repository that's configured."

    So add uid and password to the request object.

    For the authscheme parameter, there is no explicit documentation, I would decompile the logon component, then you will find it quite fast, I think.

    Hope it helps

    Detlev

    Add a comment
    10|10000 characters needed characters exceeded

    • Hi JJ,

      > tried to iterate but i was not able

      > to get that IUser with any casting

      ?! Wasn't a problem, the following code works:

      package com.btexx.test;
       
      import java.io.IOException;
      import java.util.Iterator;
      import java.util.Set;
      
      import javax.security.auth.login.LoginException;
      import javax.servlet.http.HttpServletRequest;
      import javax.servlet.http.HttpServletResponse;
      
      import com.sap.security.api.IUser;
      import com.sap.security.api.UMFactory;
      import com.sap.security.api.logon.ILoginConstants;
      import com.sapportals.portal.prt.component.AbstractPortalComponent;
      import com.sapportals.portal.prt.component.IPortalComponentRequest;
      import com.sapportals.portal.prt.component.IPortalComponentResponse;
      
      public class MyExample extends AbstractPortalComponent {
        public void doContent(IPortalComponentRequest request, IPortalComponentResponse response) {
          HttpServletRequest req = request.getServletRequest();
          HttpServletResponse res = request.getServletResponse(true);
          req.setAttribute(ILoginConstants.LOGON_UID_ALIAS, "testtest8");
          req.setAttribute(ILoginConstants.LOGON_PWD_ALIAS, "testtest");
          try {
            Set principals = UMFactory.getLogonAuthenticator().logon(req, res, "uidpwdlogon").getPrincipals();
            Iterator it = principals.iterator();
            while (it.hasNext()) {
              Object o = it.next();
              if (o instanceof IUser) {
                IUser myUser = (IUser) o;                
                res.getWriter().write("Got it!<br>");
                res.getWriter().write("His mail for example: " + myUser.getEmail());
              }
            }
          } catch (LoginException e) {
            // TODO check against logon failures (USER_AUTH_FAILED etc)
            e.printStackTrace();
          } catch (IOException e) {
            e.printStackTrace();
          }
        }
      }

      Hope it helps

      Detlev

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.