InfoCenter Home > 5.7.6.2.3: Server-side programmatic loginServer-side programmatic login will authenticate the basic-authorization data or credential token and create a credential authenticated against the local registry or LTPA registry. The basic-authorization credential can be sent from a client or created in the server. After authentication, the authenticated credential is maintained by the security session and is set onto the Current object each time a method request gets executed. The credentials remain available on the Current object as long as the request is being executed on the server. There are two ways to create the authenticated credential object:
If authentication succeeds, the methods create the authenticated credential, which can then be set on the thread of execution, typically as the invocation credential for further requests. A credential created by using a local registry cannot be forward to another WebSphere node. The code example illustrates a server that creates a basic-authentication credential using the LoginHelper class and then creates an authenticated credential by calling the get_mapped_credentials method. A LoginHelper wrapper class is provided to simplify the use of the SAS programming model. For information on this LoginHelper wrapper class, see 5.4.1.2: The LoginHelper Class. SAS also has a LoginHelper class but it provides lower level login functionality. It only actually does the login and does not have any other helper methods included to manipulate the credentials like the one mentioned in section 5.4.1.2. ... // Get the security Current object. ... if (current != null) { // Get a handle to LoginHelper from the Current object. com.ibm.IExtendedSecurity._LoginHelper loginHelper = current.login_helper(); // Construct a basic-authorization credential for // later authentication by the server. org.omg.SecurityLevel2.Credentials credentials = loginHelper.request_login(security_name, realm_name, password, new org.omg.SecurityLevel2.CredentialsHolder(), new org.omg.Security.OpaqueHolder()); // Set the credentials for outbound requests. current.set_credentials(org.omg.Security.CredentialType.SecInvocationCredentials, credentials); ... // Map the basic-authentication credentials to the registry. org.omg.SecurityLevel2.Credentials mapcreds = null; mapcreds = ((com.ibm.IExtendedSecurity.CredentialsOperations)creds).get_mapped_credentials(null, "", null); // Check to see if authentication succeeded. if (mapcreds = null) System.out.println("Login failed"); } If you prefer to catch an exception when authentication fails, use the get_mapped_creds method and catch the org.omg.Security.LoginFailed exception. try { // Map the basic-authentication credentials to the registry. org.omg.SecurityLevel2.Credentials mapcreds = null; mapcreds = ((com.ibm.IExtendedSecurity.CredentialsOperations)creds).get_mapped_creds(null, "", null); } catch (org.omg.Security.LoginFailed e) { System.out.println("Login failed"); } |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|