How to determine ADF roles a user is in - before fully authenticated
884628Nov 27 2012 — edited Nov 27 2012[JDev/ADF v11.1.1.5.0]
I am trying to intercept a user's login to our ADF application (to log it to a database). I have written a custom login page and backing bean to handle the login using:
mySubject = login(this._username, this._password);
HttpServletRequest request = (HttpServletRequest)ctx.getExternalContext().getRequest();
ServletAuthentication.runAs(mySubject, request);
ServletAuthentication.generateNewSessionID(request);
// determine what ADF 'Application Roles' the user has
// ???
// log to database here
// ... [code removed] ...
HttpServletResponse response = (HttpServletResponse)ctx.getExternalContext().getResponse();
RequestDispatcher dispatcher = request.getRequestDispatcher("/adfAuthentication");
dispatcher.forward(request, response);
What I need to do, however, is determine what roles a user has in the app, at the "???" point in the above code. If I interrogate the 'mySubject' object, it lists the groups from our authentication source that the user is a member of. In ADF Security, I've mapped these "Enterprise Roles" to "Application Roles", and need to get access to the Application Roles before redirecting them to the adfAuthentication servlet.
I've tried using ADFContext.getCurrent().getSecurityContext().getUserRoles() where the '// ???' is, but it returns the 'anonymous' user (and associated roles). It appears that even though I've switched to runAs the authenticated user (via ServletAuthentication.runAs), ADF still thinks I'm running as the initial (anonymous) user.
Is there a way to tell ADF to 'refresh' who it thinks I am now, so it will see me as the (now-authenticated) user, with their roles, etc.? Or, is there some other way to determine what (Application) roles a user has given their username?
Thanks!
Edited by: Karl C on Nov 27, 2012 12:28 PM