Accessing Portal Roles and User Attributes

JSR-168 Support for Roles and User Attributes

The JSR-168 specification provides support for requesting user role and attribute information from the portal. Both desired roles names and user attribute names should be listed in the application's portlet.xml.

Roles

To make a role available to your application, include a security-role-ref element in your portlet.xml for each desired role. This declaration should be outside the portlet declarations.

Role names are the name your portlet will use to denote a particular portal group. This name may be anything you like and is visible only to the portlet. The role link value must match either the fully qualified key (serviceName.groupKey) or display name of an existing uPortal group. For example, you might have any of the following styles of declarations:

<security-role-ref>
    <role-name>everyone</role-name>
    <role-link>Everyone</role-link>
</security-role-ref>
<security-role-ref>
    <role-name>student</role-name>
    <role-link>local.34</role-link>
</security-role-ref>
<security-role-ref>
    <role-name>undergraduates</role-name>
    <role-link>pags.3</role-link>
</security-role-ref>

Once this declaration is in your portlet.xml file, you can test for role membership through the portlet API:

boolean isStudent = request.isUserInRole("student");

User attributes

To make a user attribute available to your application, include a user-attribute element in your portlet.xml for each desired attribute. This declaration should be outside the portlet declarations.

<user-attribute>
    <name>user.login.id</name>
</user-attribute>
<user-attribute>
    <name>password</name>
</user-attribute>

Once this declaration is in your portlet.xml file, you can query user attributes using the Java API:

Map<String,String> userInfo = (Map<String,String>) request.getAttribute(PortletRequest.USER_INFO);
String userId = userInfo.get("user.login.id");

Making User Attributes Available from uPortal

TODO: Describe UserInfoService API.

Other Options

Esup-Portail has offers a web service (hosted by uPortal and interrogated by the portlets) that gives access to portal groups and user attributes. More information about this add-on is available at https://wiki.jasig.org/display/UPC/esup-portal-ws+-+a+web+service+to+publish+groups+and+user+attributes.