Announcement

Collapse
No announcement yet.
X
  • Filter
  • Time
Clear All
new posts

    How to retrieve login username

    Hi,

    I have setup a smart gwt application deployed on tomcat6. I have configured the application to authenticate using a form based authentication.

    I have this working and protected the main app page [modulename].html. Users gets challenge with their credentials upon going to this page.

    Now, my issue is how to get the login username. I know in jsp, we use <%= request.getRemoteUser() %> . Is there something simple like this on smart GWT?

    If not, how do i go about getting the username of logged in user? This seems very simple request but just dont know where to start on smart GWT.

    Thanks,
    Ryan

    #2
    My solution to this was to create a new servlet that can be queried using GWT RPC to return the current logged in user. So my RPC class has a method String getLoggedInUser().

    Check the standard GWT sample on how to write a GWT RPC method: http://www.vogella.de/articles/GWT/article.html

    Hope that helps. And I'm interested to hear of any other suggestions people have.

    Comment


      #3
      Typically, we create a "user" DataSource and represent the login operation as a fetch on this DataSource, passing credentials. If it succeeds then you are returned the details of the current user.

      Comment


        #4
        I have it working:

        My datasource is configured to call a server method "update":

        In my class code, I call the getRemoteUser();
        Code:
         public ComponentLead update(Map record, DSRequest dsRequest,HttpServletRequest servletRequest)
        ...
         String modified_by = servletRequest.getRemoteUser();
        ...

        Comment


          #5
          Hello,

          Isomorphic, can you elaborate more, and provide an example of using a login page backed by a user datasource?

          I can see how I could make a dynamic form and have it read from a DB, using .ds.xml definitions. But, not sure how to protect the other pages of our app, or redirect and relogin. So an example would be helpful.

          Thanks,
          Evan

          Comment


            #6
            Hello,

            Using Tomcat and following the security example I have a login.jsp working with users/roles. Which when one logs in gets me to my entry point in GWT and my Smart GWT demo.

            Now I want to get the user who is logged in and am puzzling out how to do this. There seem to be several suggestions. RPC, servlets, and such.

            What is the Isomorphic way to do this? request.getRemoteUser ...

            Thanks,
            Evan

            Comment


              #7
              My solution is with SOAP:

              Code:
                  private void doLogin(String username, String password){
                  	final String wsdlURL = Settings.getInstance().getWsAuthWsdlURL();
                  	final String namespaceURL = Settings.getInstance().getWsAuthNamespaceURL();
                  	
                  	String wsOperation = "login";
              		
              		XmlNamespaces ns = new XmlNamespaces();  
              		ns.addNamespace("tns", namespaceURL);
              		
              		DataSource resultDS = new DataSource(){
              			@Override
              			protected void transformResponse(DSResponse response, DSRequest request, Object data) {
              				if(response.getHttpResponseCode()!=200){
              					setErrorText("An error occured during login. See details in log.");
              					System.out.println("ERROR: login WS HTTP response code is " + response.getHttpResponseCode());
              					return;
              				}
              				
              				String status = XMLTools.selectString(data, "//status"); 
              				String sessionID = XMLTools.selectString(data, "//sessionId");
              				if(status!=null && status.equalsIgnoreCase("0")){
              					// Successful login
              					
              					// Storing sessionID in a cookie
              					final long DURATION = 1000l*60*60*24; // duration remembering login. 24 hours
              				    Date expires = new Date(System.currentTimeMillis() + DURATION);
              				    // TODO: cookie path
              				    String path=GWT.getHostPageBaseURL();
              				    path=path.substring(0, path.length()-1);
              				    int index=path.lastIndexOf('/');
              					path=path.substring(index);
              				    Cookies.setCookie("sid", sessionID, expires);
              				    
              				    LOGalyzeAdmin.get().setMainScreen();
              				}else{
              					setErrorText(messages.dialog_LoginErrorMessage());
              					
              				}
              				passwordItem.clearValue();
              				
              			}
              		};
              		resultDS.setServiceNamespace(namespaceURL);
              		resultDS.setXmlNamespaces(ns);
              		
              		OperationBinding fetchOp = new OperationBinding(DSOperationType.FETCH, wsdlURL);
              		fetchOp.setWsOperation(wsOperation);
              		fetchOp.setXmlNamespaces(ns);
              		
              		resultDS.setOperationBindings(fetchOp);
              
              		DSRequest dsr = new DSRequest();
                      dsr.setShowPrompt(false);
                      
                      Criteria cr = new Criteria();
                      cr.addCriteria("username", (String) usernameItem.getValue());
                      cr.addCriteria("password", (String) passwordItem.getValue());
                      
                      resultDS.fetchData(cr, null, dsr);
                  }
              Code:
              buttonItem.addClickHandler(new ClickHandler(){
                          public void onClick(ClickEvent clickEvent) {
                          	if(!loginForm.validate()) return;
                          	
                          	doLogin(loginForm.getValueAsString("username"), loginForm.getValueAsString("password"));
                          }
                      });

              Comment


                #8
                servletRequest.getRemoteUser() is a typical way of doing it. You could retrieve this via setting up a call to the server using RPC DMI or DataSource.performCustomOperation() and calling getRemoteUser() in your DMI method.

                Another style is to create a "user" DataSource and store user details beyond just the user name (First Name, Last Name, the usual) in a DataSource, and just use getRemoteUser() as part of implementing "fetch" for this DataSource.

                Comment

                Working...
                X