You can access authentication responses and other data from the SiteMinder Principal using the SiteMinder User Principal API. This interface, com.netegrity.siteminder.asaframework.common.SmUserPrincipal, provides the following calls:
Returns the name of a principal.
Returns the user DN of a principal.
Returns the session ID of a principal.
Returns the session spec of a principal.
Returns the Object ID of the user directory a principal was authenticated against.
Returns the responses returned by the Policy Server during authentication in the form of the HashMap described in Common HashMap Response Structure.
Note: Your J2SE security policy must be configured to ensure valid permissions for access to the Subject. For example:
grant codebase "file:myapp.war" { permission javax.security.auth.AuthPermission "wssecurity.getCallerSubject"; };
The following code snippet shows how to obtain the SiteMinder Principal:
public void service(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { … javax.security.auth.Subject subject = com.ibm.websphere.security.auth.WSSubject.getCallerSubject (); java.util.Set principals = subject.getPrincipals (com.netegrity.siteminder.asaframework.common.SmUserPrincipal.class); java.util.Iterator i = principals.iterator(); while (i.hasNext()) { SmUserPrincipal smUser = (SmUserPrincipal)i.next(); // Get Authentication Responses HashMap authResponseMap = smUser.getAuthResponses(); } … }
Copyright © 2010 CA. All rights reserved. | Email CA Technologies about this topic |