Chapter 9
Using the iPlanet Portal Server APIs
Instructions for using the HelloServlet
Set IPS_BASE to the iPlanet Portal Server installation directory.
cd $IPS_BASE/SUNWips/sample/api then type make.
Copy the class files to the appropriate directory on the Portal Serverunder:
- $IPS_BASE/SUNWips/lib
- For example, all class files would be copied to:
- $IPS_BASE/SUNWips/lib/com/iplanet/portalserver/api
Modify the web server configuration.
- The web server configuration files are in the directory:
- $IPS_BASE/netscape/server4/https-servername/config
- where servername is the FQDN of the portal server.
Add the following line to the web server servlets.properties file:
servlet.helloservlet.code=com.iplanet.portalserver.api.HelloServlet
Replace the package and servlet names with the names you have chosen for this HelloServlet
Add the following line to the web server rules.properties file:
- /helloservlet=helloservlet
Import iwtHelloServlet.xml as root using ipsadmin:
$IPS_BASE/SUNWips/bin/ipsadmin -import iwtHelloServlet.xml
Copy file iwtHelloServlet.properties to $IPS_BASE/SUNWips/locale directory
Restart the portal server:
# etc/init.d/ipsserver start
|
Test the servlet by logging in to Portal Server and entering the following URL:
|
https://gateway/http://server:8080/HelloServlet
|
|
HelloServlet Properties
Code Example 9-1 HelloServlet.properties
a1=Hello Application Profile
a2=Any user friendly name
a3=Your favourite color
a4=Hello Application
a5=Hello Application execute privilege
a6=Hello Application change color privilege
|
|
HelloServlet XML
Code Example 9-2 HelloServlet.XML
<iwt:Component name="HelloServlet"
|
ver="1.0"
|
desc="Hello Application Profile"
|
resB="HelloServlet"
|
idx="a1">
|
|
<!-- String Attribute -->
|
<iwt:Att name="HelloServlet-name"
|
desc="Any user friendly name "
|
type="string"
|
idx="a2"
|
userConfigurable="TRUE">
|
<Val></Val>
|
<Rperm>ADMIN</Rperm><Rperm>OWNER</Rperm>
|
<Wperm>ADMIN</Wperm><Wperm>OWNER</Wperm>
|
</iwt:Att>
|
|
<!-- String Attribute -->
|
<iwt:Att name="HelloServlet-color"
|
desc="Your favourite color"
|
type="string"
|
idx="a3"
|
userConfigurable="TRUE">
|
<Val></Val>
|
<Rperm>ADMIN</Rperm><Rperm>OWNER</Rperm>
|
<Wperm>ADMIN</Wperm><Wperm>OWNER</Wperm>
|
</iwt:Att>
|
|
<!-- String Attribute, Global/Platform attribute -->
|
<!-- Hence userconfigurable is set to false -->
|
<iwt:Att name="HelloServlet-title"
|
desc="Application description"
|
type="string"
|
idx="a4"
|
userConfigurable="FALSE">
|
<Val>HelloServlet</Val>
|
<Rperm>ADMIN</Rperm><Rperm>OWNER</Rperm>
|
<Wperm>ADMIN</Wperm><Wperm>OWNER</Wperm>
|
</iwt:Att>
|
|
<!-- Boolean privilege -->
|
<iwt:Priv name="HelloServlet-execute"
|
type="boolean"
|
desc="Hello Application execute privilege"
|
userConfigurable="TRUE"
|
idx="a5"
|
val="true">
|
<Rperm>ADMIN</Rperm><Rperm>OWNER</Rperm>
|
<Wperm>ADMIN</Wperm>
|
</iwt:Priv>
|
|
<!-- List type privilege -->
|
<iwt:Priv name="HelloServlet-changeColor"
|
type="list"
|
desc="Hello Application change color privilege"
|
userConfigurable="TRUE"
|
idx="a6">
|
|
<Rperm>ADMIN</Rperm><Rperm>OWNER</Rperm>
|
<Wperm>ADMIN</Wperm>
|
</iwt:Priv>
|
</iwt:Component>
|
|
Prints HTML Output
Code Example 9-3 HTML Output
private void printMessage(HttpServletResponse res)
|
throws Exception {
|
res.setContentType("text/html");
|
ServletOutputStream out = res.getOutputStream();
|
out.println("<html>");
|
out.println("<head><title>HelloApp</title></head>");
|
out.println("<body bgcolor="+ color);
|
out.println("<BR>");
|
out.println("<CENTER>");
|
out.println("<h2>");
|
// Check if User is allowed to execute
|
// the Hello Application
|
if (UserIsAllowed) {
|
out.println("Hello User: "+ name+ " !!");
|
if (!changeColorIsAllowed) {
|
out.println("You are not allowed to change color.");
|
}
|
} else {
|
out.println("Sorry "+ name+ "!!");
|
out.println("You are not allowed to execute the Hello
application.");
|
}
|
out.println("</h2>");
|
out.println("</CENTER>");
|
out.println("</body></html>");
|
}
|
}
|
|
Before logging into the Portal Server the servlet program will print out the value of the session ID.
Note
|
The cookie name would normally be retrieved by the application from the http header.
|
Setting Privileges
Attributes and Privileges
This servlet is a sample which uses 3 main APIs (Session API, Profile API, Logging API)
Code Example 9-4 Attributes and Privileges
|
// Attributes and Privileges as defined in the XML file
|
private static final String logfile = "HelloApp.log";
|
private static final String COLOR_ATTR = "HelloServlet-color";
|
private static final String NAME_ATTR = "HelloServlet-name";
|
private static final String EXEC_PRIV= "HelloServlet-execute";
|
private static final String CHANGECOLOR_PRIV=
"HelloServlet-changeColor";
|
|
// Local variables
|
private LogManager lmgr= null;
|
private LogRecord log= null;
|
private String color= "#CCCCFF";
|
private String name= null;
|
private boolean UserIsAllowed= false;
|
private boolean changeColorIsAllowed= false;
|
|
Initializing the Servlet
Code Example 9-5 Initialize the Servlet
super.init(config);
|
}
|
|
Session API Examples
HTTP Request and Response
Paramameter requests the HTTP request, paramameter responds the HTTP response. If an I/O error has occurred, an I/O exception will be thrown.
Code Example 9-6 HTTP Request and Response
public void doGet(HttpServletRequest req, HttpServletResponse res)
|
try {
|
|
// Get a Session object
|
Session sess = getSession(req);
|
|
// Get user profile name
|
Profile p = getProfileName(sess);
|
|
// Get the logManager and start logging
|
lmgr = startLogging(sess);
|
|
// Get AccessControl information
|
getAccessControlInfo(sess, p);
|
|
// Print the output
|
printMessage(res);
|
|
} catch (LogException e) {
|
log = new LogRecord("Logging: ", "Error in Logging");
|
} catch (SessionException e) {
|
log = new LogRecord("Session: ", "Error in Session");
|
} catch (ProfileException e) {
|
log = new LogRecord("Profile: ", "Error in Profile");
|
} catch (Exception e) {
|
log = new LogRecord("Error: ", " Printing Hello");
|
} finally {
|
if (log == null)
|
log = new LogRecord("Hello Application:", "Success");
|
|
try {
|
lmgr.write(log, logfile);
|
} catch (Exception le) {
|
System.out.println("Error: "+le);
|
|
Session Event
If the user logs out of his session or if user exceeds maximum idle time then the Hello application returns.
Code Example 9-7 SessionEvent
|
public void sessionChanged(SessionEvent e) {
|
Session sessionEvt = null;
|
|
// if the session is still valid, just return
|
// without doing anything
|
try {
|
sessionEvt = e.getSession();
|
if (sessionEvt.getState(false) == Session.VALID)
|
return;
|
else {
|
// clean up profile before quitting
|
}
|
} catch (Exception se) {}
|
}
|
}
|
|
Get a Session
Method handles Session and gets the user Session object and adds a SessionListener.
Code Example 9-8 GetSession
|
SessionID sid = new SessionID(req);
|
Session sess = Session.getSession(sid);
|
if (sessionEvt.getState(false) == Session.VALID)
|
// sessionChanged() is called if a SessionEvent occurs
|
sess.addSessionListener(new HelloSessionListener());
|
}
|
|
Profile API Examples
Modify an Attribute
Modify an attribute for the Hello application and test if ProfileChanged is called.
Code Example 9-9 Modify an Attribute
public class HelloProfileListener implements ProfileListener {
|
|
public void profileChanged(ProfileEvent notify){
|
|
Profile p = notify.getProfile();
|
int type = notify.getType();
|
|
// Either the color or the name attribute may have changed
|
// Get the new values for these attributes.
|
if (type == ProfileEvent.PROFILE_CHANGE) {
|
|
try {
|
color = p.getAttributeString(COLOR_ATTR);
|
name = p.getAttributeString(NAME_ATTR);
|
} catch (ProfileException pe) {
|
System.out.println("Profile: getAttribute() failed");
|
}
|
return;
|
} else {
|
// no attributes were changed
|
// profiles were created or deleted
|
return;
|
}
|
}
|
}
|
|
Get User Profile
Method handles user profile and gets the user profile name, and adds a profile listener for any attribute changes in the current user profile.
Code Example 9-10 GetProfileName
throws ProfileException {
|
Profile p = s.getUserProfile();
|
this.name = p.getProfileName();
|
|
// profileChanged() is called if a ProfileEvent occurs
|
p.addProfileListener(new HelloProfileListener());
|
return p;
|
}
|
|
Policy Checking
Method handles user policy, checks if the user is allowed to execute the hello application.
Code Example 9-11 Policy Checking
throws ProfileException {
|
if (p.isAllowed(EXEC_PRIV)) {
|
this.UserIsAllowed = true;
|
}
|
|
// The CHANGECOLOR_PRIV is defined as a list type privilege.
|
// What's in the list is domains. If the user domain is in the
|
// privilege CHANGECOLOR_PRIV's allow list, ths user is allowed
|
// to change color. Otherwise, the user is denied to change
color.
|
|
if (p.isAllowed(CHANGECOLOR_PRIV, s.getClientDomain(),
Profile.REGULAR)) {
|
this.changeColorIsAllowed = true;
|
}
|
|
}
|
|
Log API Example
Method handles Logging
Application creates a log file "Hello.log" and logs the first log entry.
Code Example 9-12 Create Log File
throws LogException {
|
LogManager lm = new LogManager(s);
|
lm.create(logfile);
|
|
return lm;
|
}
|
|