cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

user.isAuthenticated() returns "False"

Go to solution
Former Member

on ‎02-14-2005 5:55 PM

0 Kudos

Hi everybody,

I´m trying to use this code:

IUser user = (IUser) componentRequest.getServletRequest().getAttribute("user");

if (user.isAuthenticated()) {

....

}

in my .jsp (PDK6 SP2), but it returns "false" when it´s supposed to return "true".

In my doProcessBeforeOutput() method I have something like this:

...

IPortalComponentRequest request = (IPortalComponentRequest) this.getRequest();

...

try {

IUserManagementService umService = (IUserManagementService) request.getService(IUserManagementService.KEY);

IUserFactory userFactory = umService.getDefaultFactory();

user = userFactory.getUser(request.getUser().getLogonUid());

} catch (UserManagementException ex) {

...

}

...

request.getServletRequest().setAttribute("user", user);

I´m using the usermanagement service as the documentation says. Am I missing something? Can I test it with the Component Inspector in PDK 6 (Java Development Role)? Do I have to configure some special property in my portal?

Thanks for Your help.

Susy.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

detlev_beutner
Active Contributor
‎02-14-2005 6:10 PM
0 Kudos

Hi Susy,

the method returns what it is expected to return. The IUser object you get from the request is constructed by the userFactory. From this you get an unauthenticated IUser object. How should anyone in this line know that the user is authenticated. You cut off all auth information when passing the logon ID.

With other words: From the component request you get an IUser (authenticated!). From this you get the logon ID - a String. Now you ask the IUserFactory to return the IUser object corresponding to this logon ID. The IUserFactory says: "OK, I don't know what you want to do with it, but here it is; all I can say about this User is that (s)he exists." And <i>this</i> IUser object for sure is <i>not</i> authenticated.

With this understood, you have solution at the same time: You can delete all the superfluous code and within your JSP just ask

IUser user = (IUser) componentRequest.getUser();
if (user.isAuthenticated()) {
....
}

On the other hand, it is hard to imagine how the user object comes into the componentrequest without being authenticated...

Hope it helps

Detlev

PS: Please consider rewarding points for helpful answers. Thanks in advance!

Show replies
Show replies
Former Member
‎02-14-2005 10:07 PM
0 Kudos

Thank you Detlev,

Your explanation was helpful.

On the other hand, when I follow your solution (my first version when I started to develope this application) the next error is generated:

Error in executing a process for compilation, D:/usr/sap/EPD6/j2ee/j2ee_00/cluster/server/services/servlet_jsp/work/jspTemp/irj/root/WEB-INF/portal/portalapps/com.cs.relatedLinksIview/work/pagelet/_sapportalsjsp_LinksContainer.java:257: interfaces com.sapportals.portal.prt.session.IUserContext and com.sapportals.portal.security.usermanagement.IUser are incompatible; both define getFax(), but with different return type IUser user = (IUser) componentRequest.getUser(); ^ 1 error .

Is there something wrong with the libraries and PDK6?

Regards,

Susy.

detlev_beutner
Active Contributor
‎02-14-2005 10:55 PM
0 Kudos

Hi Susy,

the problem is that with EP6 you have to work with two different IUser objects, and here you have just mixed them up (it's not your fault, it's SAPs fault for having this mixed concept, when they moved the user management from portal to a generic service (this move was correct) but let KM use the old IUser class (this was s...ty)).

So, what you get from cmpCtx.getUser() first is a IUserContext, but this in fact is a com.sap.security.api.IUser (the new kind of user) but not a com.sapportals.portal.security.usermanagement.IUser (the old user kind).

So import this user or use full qualified names - or, maybe, just let this away, as said, it is hard to imagine how the user object you retrieve shouldn't be authenticated (an exception may be an externally facing portal, where users see the same iViews but with different content depending whether they are authenticated or not).

Hope it helps

Detlev

Former Member
‎02-15-2005 1:49 PM
0 Kudos

Hi Detlev,

What do you mean? Do I have to import com.sap.security.api.IUser? I already imported com.sapportals.portal.security.usermanagement.IUser.

Whatever, I´m using this because of this code line:

IResourceContext resourceContext = new ResourceContext(user);

Is there another way to use it?

Thanks.

Susy

detlev_beutner
Active Contributor
‎02-15-2005 1:59 PM
0 Kudos

Hi Susy,

> What do you mean?

> Do I have to import com.sap.security.api.IUser?

When I write "So import this user or use full qualified names" I mean this. I think it was English not Chinese...

> I already imported

> com.sapportals.portal.security.usermanagement.IUser.

Yeah, for sure, and I wrote that this is the wrong user here. (HERE! Read on...)

> IResourceContext resourceContext =

> new ResourceContext(user);

- Tralalalala: Here we are That's what I said in the posting before, KM uses this "old" user". It's horrible, I know, but that's how it is...

SAP has been nice enough to implement transformation methods, see for details.

If you have to use both users, you can import one of both and for the other use it's full qualified name.

An additional remark: Creating resourceContexts within a JSP definitely is bad design for being there too much "business logic".

Hope it helps to <i>solve</i> your problem (knick-knack),

best regards

Detlev

Former Member
‎02-16-2005 1:06 PM
0 Kudos

Hi Detlev,

I forgot to say thank you.

Regards.

SS

Answers (0)

Ask a Question