发表新帖
发表新帖

I want my Domino Servlet to get an authenticated user session

后端 未结
关注
5 1260
情歌与酒
情歌与酒 2021-01-15 02:43

It seems a like a pretty fundamental question, in a running Servlet hosted on Domino I want to access Domino resources that I have wisely protected using the the very fine s

相关标签:
5条回答
  • 广开言路
    2021-01-15 03:12

    FacesContext is JSF stuff and can be used from XAgent (=XPage).

    In a servlet you can do this:

    Session session = NotesFactory.createSession(null, "user", "password");

    Server ID usually has no password and doing this will use the server ID:

    Session session = NotesFactory.createSession();
    0 讨论(0)
  • 死守一世寂寞
    2021-01-15 03:13

    Jason - I assume you basically want the same functionality you would get running a Web Query Save agent if you didn't select run as Web User selected, in other words as the signer of the code.

    You could try setting up a internet site rule to allow basic authentication for the specific application path you wanted to use - might be worth using a subdomain for this.

    Then within the Servlet call this URL, whilst setting the Basic authorization parameters (username & password).

    Something like this.

    URL url = new URL(URL_TO_CALL);
String authStr = "USERNAME:PASSWORD";
String authEncoded = Base64.encodeBytes(authStr.getBytes());
HttpURLConnection connection = (HttpURLConnection) url.openConnection();
connection.setRequestMethod("GET");
connection.setDoOutput(true);
connection.setRequestProperty("Authorization", "Basic " + authEncoded);
InputStream is = connection.getInputStream();
    0 讨论(0)
  • 轮回少年
    2021-01-15 03:19

    Check the source of the WebDav project on OpenNTF. It has all the code you need

    0 讨论(0)
  • 清歌不尽
    2021-01-15 03:21

    com.ibm.domino.osgi.core.context.ContextInfo.getUserSession()

    0 讨论(0)
  • 失恋的感觉
    2021-01-15 03:28

    There have been lots of good answers to the original question. Thanks very much.

    The solution I propose to use is to port the code I have to OSGi plugins. It appears that java code/Servlets within the NSF context are subject to security controls that are relaxed when the same code runs within the OSGi context. The code:

    try {
NotesThread.sinitThread();
Session s = NotesFactory.createSession("","<my username>","<my password>");
.....
session = null;
} catch (Exception e) {
} finally {
NotesThread.stermThread();
}

    Runs fine in the OSGI context, but within in an NSF produc

    0 讨论(0)
 看不清?
提交回复
热议问题