Sample Impersonation portlet

WebSphere Portal 6.1.5 has a feature called Impersonation that you can use to create a portlet that will let support person impersonate other users.

I built a sample portlet to demonstrate how to use impersonation service. This sample portlet has a form where you can enter uid of the user that you want to impersonate, once you enter uid and click submit, it will impersonate that user. Once your done and want to switch back to the original user you can click on Switch back to original user link. You can download this sample portlet from here

Important Note: I followed the documentation to build this portlet and i could get impersonation part working but switching back to original user is not working. Even after calling ImpersonationService.loginOriginalUser() method it still keeps showing impersonated user. But when i click on logout, it starts showing the original user. I got this problem on WebSphere Portal Version wp6103_201_01 2009-11-07. I am planning to apply fixpack 6.1.5.1 to my portal and see if it helps

This is how my ImpersonationPortlet.java looks like


package com.webspherenotes.misc;

import java.io.IOException;

import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.portlet.ActionRequest;
import javax.portlet.ActionResponse;
import javax.portlet.GenericPortlet;
import javax.portlet.PortletException;
import javax.portlet.ProcessAction;
import javax.portlet.RenderRequest;
import javax.portlet.RenderResponse;

import com.ibm.portal.portlet.service.PortletServiceHome;
import com.ibm.portal.portlet.service.impersonation.ImpersonationException;
import com.ibm.portal.portlet.service.impersonation.ImpersonationService;

public class ImpersonationPortlet extends GenericPortlet{

PortletServiceHome psh;
public void init() throws PortletException {
System.out.println("Entering ImpersonationPortlet.init()");
try {
InitialContext context = new InitialContext();
psh= (PortletServiceHome)context.lookup(ImpersonationService.JNDI_NAME);
} catch (NamingException e) {
e.printStackTrace(System.out);
}
System.out.println("Exiting ImpersonationPortlet.init()");
}

protected void doView(RenderRequest request, RenderResponse response)
throws PortletException, IOException {
System.out.println("Entering ImpersonationPortlet.init()");

response.setContentType("text/html");
getPortletContext().getRequestDispatcher("/index.jsp").include(request, response);
System.out.println("Exiting ImpersonationPortlet.init()");
}

@ProcessAction(name="switchUser")
public void switchUser(ActionRequest request, ActionResponse response)
throws PortletException, IOException {
System.out.println("Entering ImpersonationPortlet.switchUser()");
try {
String userId = request.getParameter("USER_NAME");
System.out.println("Value of USER_NAME " + userId);
ImpersonationService impersonationService = psh.getPortletService(ImpersonationService.class);
impersonationService.doImpersonate(request, response, userId);
} catch (ImpersonationException e) {
e.printStackTrace(System.out);
}
System.out.println("Exiting ImpersonationPortlet.switchUser()");
}

@ProcessAction(name="originalUser")
public void originalUser(ActionRequest request, ActionResponse response) throws PortletException, IOException{
System.out.println("Entering ImpersonationPortlet.originalUser()");
try {

ImpersonationService impersonationService = psh.getPortletService(ImpersonationService.class);
System.out.println("Switching back to original user " + impersonationService.getOriginalUser());
System.out.println("Is User Impersonated " + impersonationService.isUserImpersonated());
impersonationService.loginOriginalUser(request, response);
System.out.println("After switching back to original user " + request.getRemoteUser());
} catch (ImpersonationException e) {
e.printStackTrace(System.out);
}
System.out.println("Exiting ImpersonationPortlet.originalUser()");
}
}


The ImpersonationPortlet has following two methods that can handle the Action Request,


  1. switchUser: method will get called whenever user enters a uniqueName for the user that you want to impersonate and click submit. In this method i am reading name the value submitted by user and then calling impersonationService.doImpersonate() method with userName submitted by the user. THis method will switch the user and redirect you to the home page for that user

  2. originalUser: THis method will get called when user clicks on Switch back to original user link, at this point i am calling impersonationService.loginOriginalUser(request, response) method to switch back to the original user.



This is the jsp that gets displayed to the user in the VIEW mode and has methods for impersonating and switching back the user.

<%@page language="java" %>
<%@taglib uri="http://java.sun.com/portlet_2_0" prefix="portlet"%>
<portlet:defineObjects />

<%
String userId = request.getRemoteUser();
%>
<portlet:actionURL var="switchUserUrl">
<portlet:param name="javax.portlet.action" value="switchUser" />
</portlet:actionURL>
<h4>Current User - <%=userId %></h4>
<h4>Enter name of the user to impersonate</h4>
<form method="post" action="<%=switchUserUrl %>">
<table>
<tr>
<td>User Id</td>
<td><input type="text" name="USER_NAME" /></td>
</tr>
<tr>

<td><input type="submit" name="submit" /></td>
</tr>

</table>

</form>
<portlet:actionURL var="originalUserUrl">
<portlet:param name="javax.portlet.action" value="originalUser" />
</portlet:actionURL>

<h4>Click on URL to switch back to Original User</h4>
<a href='<%=originalUserUrl %>' >Switch back to original user</a>


This is the screen shot of the impersonation portlet

2 comments:

  1. Hi Sunil,
    Thanks for the post, its really helpful.
    Does Impersonation alter the LDAP attribute loginTime of the impersonated user?

    ReplyDelete