Welcome to the jGuard's wiki » jGuard Documentation » smooth integration with j2ee security methods

smooth integration with j2ee security methods

Last modified by RaffaelloPelagalli on 2006/09/19 15:31

smooth integration with j2ee security methods

since the 0.70 release, jGuard integrates smoothly with libraries that use "j2ee security methods" present in the HttpServletRequest class. this integration is realized through the use of a HttpServletRequestWrapper, which is transparent for the jGuard user.

String getRemoteUser()

This method return the identifier of the user.jGuard is looking for the 'login' credential, firstly in the public credential set, and if not found, in the private credential set. if there is no credential called 'login', or if the user hasn't got the permission to grab the private credential 'login', this method return null.

public class MyDispatchAction extends DispatchAction{
 public ActionForward create(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) {
          String remoteUser=  request.getRemoteUser();
          System.out.println("user login is = "+remoteUser);
 }
}

Principal getUserPrincipal()

this method returns a special jGuard Principal implementation : SubjectAsPrincipal. when you use the getName() method of this special Principal, it returns a String from a credential called 'name', either in the public or private credential set. if no credential is found, it returns null. this special Principal permits to grab the Subject object of the user (you can grab it too in the HttpSession), with its getSubject() method.

public class MyDispatchAction extends DispatchAction{
 public ActionForward create(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) {
          Principal principal =  request.getUserPrincipal();
          String name= principal.getName();
          System.out.println("user name is"+name);
          SubjectAsPrincipal sap = (SubjectAsPrincipal)principal;
          Subject subject = sap.getSubject();
 }
}

boolean isUserInRole(String role)

this methods return true if the user has got one principal with the related name; otherwise, it returns false.

public class MyDispatchAction extends DispatchAction{
 public ActionForward create(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) {
          boolean admin=  request.isUserInRole("admin");
          System.out.println("user is an admin = "+admin);
 }
}
Tags:
Created by diabolo512 on 2006/02/09 14:33

jGuard team copyright 2004-2009
3.1.1