Agent Guide › Obtaining SiteMinder Agent Data Programmatically › Obtain Authentication Responses and Other Data from the SiteMinder Principal

Obtain Authentication Responses and Other Data from the SiteMinder Principal

You can access authentication responses and other data from the SiteMinder Principal using the SiteMinder User Principal API. This interface, com.netegrity.siteminder.asaframework.common.SmUserPrincipal, provides the following calls:

• getName ()

  Returns the name of a principal.

• getNameDN ()

  Returns the user DN of a principal.

• getSessionID ()

  Returns the session ID of a principal.

• getSessionSpec ()

  Returns the session spec of a principal.

• getAuthDirectoryOid ()

  Returns the Object ID of the user directory a principal was authenticated against.

• getAuthResponses ()

  Returns the responses returned by the Policy Server during authentication in the form of the HashMap described in Common HashMap Response Structure.

Note: Your J2SE security policy must be configured to ensure valid permissions for access to the Subject. For example:

grant codebase "file:myapp.war" {
    permission javax.security.auth.AuthPermission "wssecurity.getCallerSubject";
};

The following code snippet shows how to obtain the SiteMinder Principal:

public void service(HttpServletRequest request, HttpServletResponse response)
       throws ServletException, IOException

{
	…

	javax.security.auth.Subject subject = 
	com.ibm.websphere.security.auth.WSSubject.getCallerSubject ();

	java.util.Set principals = subject.getPrincipals
	(com.netegrity.siteminder.asaframework.common.SmUserPrincipal.class);
	
	java.util.Iterator i = principals.iterator();	
	while (i.hasNext())
	{
	SmUserPrincipal smUser = (SmUserPrincipal)i.next();
	// Get Authentication Responses
	HashMap authResponseMap = smUser.getAuthResponses();
	}

	…
}