Consuming User Attributes
- Laura McCord
General support for user attributes
You need to add to your portlet.xml something like
<user-attribute> <description>User Family Name</description> <name>user.name.family</name> </user-attribute>
where the <name> attribute is the Key mapped within your PersonDirectory.xml or personDirs.xml (see manual [chapter on user attributes|06 User Attributes]).
Then from within your Portlet code you can access the values like this
Map userInfo = (Map)request.getAttribute(PortletRequest.USER_INFO);
String surname = (String)userInfo.get("user.name.family");
Special support for conveying the end user's password to the JSR-168 portlet
Cache and replay passwords only with sober consideration
Don't use uPortal's password caching and replay features unless you really want these behaviors! Don't expose end user passwords to portlets you don't trust. (Then again, don't install into your portal portlets you don't trust.)
The user attribute "password" is populated with the end user's cached password when a caching security context is used *and* off-by-default support for conveying those cached passwords via the JSR-168 user attribute API is turned on.
Enabling conveyance of passwords as user attributes
Configuring uPortal to cache the password at login
This is accomplished in security.properties. Rather than documenting how to do this here, this topic should be treated [in the prior manual section on caching security contexts|09 Credential Caching in Security Contexts].
Configuring uPortal's portlet container to convey the password
In portletContainerContext.xml, enhance the existing declaration:
<bean id="userInfoService">
<property name="userInfoServices">
<list>
<ref bean="personDirectoryUserInfoService"/>
<ref bean="casTicketUserInfoService"/>
</list>
</property>
</bean>
to additionally reference the cached password service:
<bean id="userInfoService"> <property name="userInfoServices"> <list> <ref bean="personDirectoryUserInfoService"/> <ref bean="casTicketUserInfoService"/> <ref bean="cachedPasswordUserInfoService"/> </list> </property> </bean>
Of course, that reference needs to point at a bean declaration, so introduce a bean like this:
<bean id="cachedPasswordUserInfoService" > <property name="portalRequestUtils" ref="portalRequestUtils" /> <property name="userInstanceManager" ref="userInstanceManager" /> <property name="portletWindowRegistry" ref="portletWindowRegistry" /> <property name="portletEntityRegistry" ref="portletEntityRegistry" /> <property name="portletDefinitionRegistry" ref="portletDefinitionRegistry" /> <property name="passwordKey" value="password"/> </bean>
Requires uPortal 3.0.1
CachedPasswordUserInfoService was not included in uPortal 3 until 3.0.1, so if you're working with a prior release, this declaration won't work until you merge in that source code or class file that it requires. Upgrading to a later version than 3.0.0 is recommended.
Consuming the attributes once available
<user-attribute> <description>Specially treated user attribute name that will be populated with the end user's cached password, if available</description> <name>password</name> </user-attribute>
Then from within your Portlet code you can access the password like this
Map userInfo = (Map)request.getAttribute(PortletRequest.USER_INFO);
String password = (String)userInfo.get("password");

Consuming Multi-Value Attributes
Suppose you are trying to access an ldap attribute that consists of a list of values. Recently, support was added in uPortal 3.1.3 and 3.2.0 for the USER_INFO_MULTIVALUED (org.jasig.portlet.USER_INFO_MULTIVALUED) attribute which returns a Map<String, List<Object>>. For detailed information about this addition, please visit the following link: https://issues.jasig.org/browse/UP-933
Â