In my application, I use WebSphere single sign-on authentication. I want to retrieve the logged-in user's name, e-mail ID and distinguished name. Almost all the solutions on Google use an LDAP server to retrieve the values. I want a solution that doesn't use LDAP, as I have already connected to Active Directory through WebSphere. Please help me with this.
1 Answer
0
The logged-on user is represented as a set of principals within the JAAS subject. Information like user name or email is not present there and is not supposed to be. You have no option other than to query LDAP (Active Directory in your case).
A statement like "I have already connected to Active Directory" does not make much sense. Yes, the user is authenticated by WAS through AD, but this does not mean that any sort of persistent connection exists.

ᄂ ᄀ
- I don't want to hard-code the LDAP server username and password in the code. So is there any way to connect to the LDAP server through the username and password of WAS? – user1929839 Jul 17 '13 at 10:13
- It depends on the registry type - please check http://veithen.blogspot.com/2012/12/retrieving-custom-user-attributes-from.html. Please also note that you don't have to hard-code credentials. You can use an authentication alias configured in WAS - http://stackoverflow.com/questions/4663534/how-to-access-authentication-alias-from-ejb-deployed-to-websphere-6-1/6355992#6355992 – ᄂ ᄀ Jul 17 '13 at 20:11
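
An added example, not part of the original answer or comments: a plain JNDI lookup of the three attributes the question asks for, following the answer's point that they must be queried from Active Directory. The class and method names are hypothetical; it assumes the login name is the user's `sAMAccountName` (for instance the value of `request.getRemoteUser()`), that `baseDn` is the container holding the user accounts, and that the bind DN and password are passed in from server-side configuration such as the authentication alias mentioned in the last comment.

```java
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;

public class AdUserLookup {
    private static final String[] WANTED = {"displayName", "mail", "distinguishedName"};

    // bindDn and bindPassword are supplied by the caller from server-side
    // configuration (assumption: e.g. a WAS authentication alias), never literals.
    public static String[] lookup(String ldapUrl, String baseDn, String bindDn,
                                  String bindPassword, String loginName) throws NamingException {
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, ldapUrl); // use ldaps:// so the bind password is encrypted in transit
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, bindDn);
        env.put(Context.SECURITY_CREDENTIALS, bindPassword);

        SearchControls controls = new SearchControls();
        controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        controls.setReturningAttributes(WANTED); // fetch only what is needed

        DirContext ctx = new InitialDirContext(env);
        try {
            // {0} is filled in by JNDI, which escapes filter metacharacters in the
            // login name, so a crafted name cannot change the query.
            NamingEnumeration<SearchResult> hits = ctx.search(baseDn,
                    "(&(objectClass=user)(sAMAccountName={0}))", new Object[] {loginName}, controls);
            if (!hits.hasMore()) {
                return null; // no such account under baseDn
            }
            Attributes attrs = hits.next().getAttributes();
            String[] values = new String[WANTED.length];
            for (int i = 0; i < WANTED.length; i++) {
                Attribute a = attrs.get(WANTED[i]);
                values[i] = (a == null) ? null : String.valueOf(a.get());
            }
            return values; // same order as WANTED
        } finally {
            ctx.close(); // no persistent connection is kept between requests
        }
    }
}
```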