Skip Headers
Oracle® Application Development Framework Developer's Guide For Forms/4GL Developers
10g (10.1.3.1.0)
Part Number B25947-01
Go to Documentation Home
Home		 Go to Book List
Book List		 Go to Table of Contents
Contents		 Go to Index
Index		 Go to Master Index
Master Index		 Go to Feedback page
Contact Us
Go to previous page
Previous		 Go to next page
Next
View PDF

9.8 How to Reference Information About the Authenticated User

If you have set the jbo.security.enforce runtime configuration property to the value Must or Auth, the oracle.jbo.server.SessionImpl object provides methods you can use to get information about the name of the authenticated user and information about the roles of which they are a member. This is the implementation class for the oracle.jbo.Session interface that clients can access.

9.8.1 Referencing Role Information About the Authenticated User

The oracle.jbo.Session interface provides the two methods:

  • String[] getUserRoles(), returns array of role names to which the user belongs

  • boolean isUserInRole(String roleName), returns true if user belongs to specified role

Your entity object code can access the Session by calling:

Session session = getDBTransaction().getSession();

Example 9-12 shows a helper method that uses this technique. It determines whether the current user is a technician by using the isUserInRole() method to test whether the user belongs to the technician role.

Example 9-12 Helper Method to Test Whether Authenticated User is in a Given Role

protected boolean currentUserIsTechnician() {
  return getDBTransaction().getSession().isUserInRole("technician");
}

After refactoring the constants into a separate SRConstants class, the SRDemo application contains helper methods like this in its base SREntityImpl class that all entity objects in the sample extend to inherit this common functionality:

protected boolean currentUserIsTechnician() {
  return getDBTransaction().getSession()
                           .isUserInRole(SRConstants.TECHNICIAN_ROLE);
}
protected boolean currentUserIsManager() {
  return getDBTransaction().getSession()
                           .isUserInRole(SRConstants.MANAGER_ROLE);
}
protected boolean currentUserIsCustomer() {
  return getDBTransaction().getSession()
                           .isUserInRole(SRConstants.USER_ROLE);
}
protected boolean currentUserIsStaffMember() {
  return currentUserIsManager() || currentUserIsTechnician();
}

These are then used by the create() method to conditionally default the service request type based on the role of the current user. The getDefaultNoteType() helper method:

// In ServiceHistoryImpl.java in SRDemo sample
private String getDefaultNoteType() {
  return currentUserIsStaffMember() ? TECHNICIAN_TYPE : CUSTOMER_TYPE;
}

is used by the ServiceHistory entity object's overridden create() method to default the service history type based on the role of the current user.

// In ServiceHistoryImpl.java in SRDemo sample
protected void create(AttributeList nameValuePair) {
  super.create(nameValuePair);
  setSvhType(getDefaultNoteType());
  setCreatedBy(getCurrentUserId());
  setLineNo(new Number(getServiceRequest().getMaxHistoryLineNumber()+1));
}

9.8.2 Referencing the Name of the Authenticated User

In order to access the name of the authenticated user, you need to cast the Session interface to its SessionImpl implementation class. Then you can use the getUserPrincipalName() method. Example 9-13 illustrates a helper method you can use in your entity object to retrieve the current user name.

Example 9-13 Helper Method to Access the Current Authenticated User Name

protected String getCurrentUserName() {
  SessionImpl session = (SessionImpl)getDBTransaction().getSession();
  return session.getUserPrincipalName();
}
Go to previous page
Previous		 Go to next page
Next
Go to Documentation Home
Home		 Go to Book List
Book List		 Go to Table of Contents
Contents		 Go to Index
Index		 Go to Master Index
Master Index		 Go to Feedback page
Contact Us