We have two options to do this
* Cookie: You can use the LtpaToken from the cookie. This approach works in all cases but one, which is that as soon as you login the first request wont have this cookie.
* Programmatic API: You can always read the LtpaToken from the cookie
private String doesLTPATokenCookieExists(PortletRequest servletRequest){
HttpServletRequest servletRequest =(PortletRequest)request;
Cookie[] cookie =servletRequest.getCookies();
for(int i = 0 ; i < cookie.length ;i++){
System.out.println("Cookie Name " + cookie[i].getName() );
if( cookie[i].getName().equals("LtpaToken"))
return cookie[i].getValue();
}
return false;
}
In cases where the portlet is rendering on a first page that gets invoked after login the LtpaToken wont be there in the cookie. The basic idea is portal server will generate LtpaToken and send it in first response and thereafter the request will always have the LtpaToken cookie but that first request wont have the LtpaToken cookie, in those cases we can use this programmatic method for reading cookie
private String getSecurityToken(){
byte[] token = null;
try{
// Get current security subject
Subject security_subject = WSSubject.getRunAsSubject();
if (security_subject != null){
// Get all security credentials from the security subject
Set security_credentials =
security_subject.getPublicCredentials(WSCredential.class);
// Get the first credential
WSCredential security_credential =
(WSCredential)security_credentials.iterator().next();
String user = (String) security_credential.getSecurityName();
if(user.equalsIgnoreCase("UNAUTHENTICATED")){
return null;
}
token = security_credential.getCredentialToken();
if(token == null){
return null;
}
String ltpaToken =
com.ibm.ws.webservices.engine.encoding.Base64.encode(token);
return ltpaToken;
}
}
catch (Exception e){
e.printStackTrace();
}
return null;
}
Read LTPA token with API
發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.
相關文章