jsfwebsphere-libertyuserprincipalopen-liberty

How to obtain user principal from Liberty's FORM based authentication in JSF page?


So I have this JSF project that uses form based authentication. On the first attempt to open my JSF page, I get redirected to my login server. There the authentication takes place and on success I get redirected to my application. Unfortunately I don't know how to get the information that the authentication server provides, like username.

I have a page where a text is saying "Signed in as ". should be set by a ManagedBean with the method getCurrentUserPrincipal().

<h:outputText value="#{myBean.getCurrentUserPrincipal()}"/>

The method is currently empty. I tried it with WSSubject.getCallerPrincipal() and FacesContext.getCurrentInstance().getExternalContext().getUserPrincipal() but that returned null. How can I get the information I need with that method? Is it even possible? I'm not sure what information you would need, so if something is missing, I will provide if I can.


Solution

  • After some digging I found out that our authenticating server was a siteminder service and the informations came back in a cookie (SMSESSION) and header information of the response. So, it would be enough to read the header information to get the user name.

    But the principal or subject would still return null. To get this and also make security working, I added a TAI to Liberty. How this is done, you can read here and here. My myTAI.jar is really simple. Because I have a ldap registry configured, I need the user security name (String, e.g. uid=..,ou=..,ou=..) of the given username (header) for further authentication and return this:

    return TAIResult.create(HttpServletResponse.SC_OK, userSecName);

    In the background Liberty will then do some further authentication and creates the principle and subject. If everything is correctly configured and the user is authorized to enter the application, he will and will have principle and subject objects available.