include jsp file on successful login
I need to have some Java code run upon successful Luminis login. I am having a hard time figuring out where to include it. I found custom.jsp in my skin folder, but I have not been able to figure out how that gets included in the portal. I have searched all sorts of other jsp files to find one that loads after login, but no luck.
Anyone have any ideas?
include jsp
Others have done this, so there may be better solutions, but you could use javascript to HTTP GET your jsp from the loginok.html file. It is at $CP_ROOT/webapps/luminis/cps/welcome
Missing Attributes
Jason,
We found this file and tried this approach but the JSP we are executing is supposed to pull attributes and they're coming back null as if the authentication hadn't completely gone through yet. The examples I have seen have the same or very similar code and claim that it is working so I'm not sure what we are doing wrong. Here is some of the code we are using :
<%!
private static String getIPersonAttribute(HttpServletRequest hsr, String attr) throws PortalSecurityException
{
StringBuffer sb = new StringBuffer();
SimplePersonManager spm = new SimplePersonManager();
IPerson i = spm.getPerson(hsr);
sb.append( (String)i.getAttribute(attr));
return sb.toString();
}
%>
<%
String uid = getIPersonAttribute(request, "username");
String uname = getIPersonAttribute(request, "urn:mace:dir:displayName");
String email = getIPersonAttribute(request, "urn:sungardhe:dir:emailDefaultAddress");
%>
Thanks for your reply,
Tom
not sure
Well...thats confusing. I just tried modifying loginok.html and it seems to have no effect. At first I thought my jsp wasn't being called because window.top.location was happening so fast that the call above it failed. So I used jquery and made window.top.location a success function.
That didn't work. So I deleted the window.top.location part and tried just alerting "hello". That didn't work. So I moved loginok.html to a backup directory, just to see if the portal even used it. It didn't care at all that loginok.html was missing, and logged in without error....
So I suppose that loginok.html is a relic, and the actual work of redirecting is being done inside some java code.
You'll probably need to have your jsp code execute on every page, maybe in footer.jsp, and set a cookie for the first run, then don't run again if that cookie is present.
Maybe someone else can clarify what the deal is with loginok.html?
explanation of loginok.html
loginok.html is called immediately after a succesful login, but before any real session creation is setup. I actually use it to guarantee that a custom cookie of mine has been removed. Sungard changed their cookie code so much over the lifespan of lum 4, that I found this file to be the most consistent way of doing it.
You could add via nested-tables
You don't say what your java code does, but here's how I have some jsp code running in our portal.
Every time you're on a regular layout page (with tabs/columns/channels), I have a jsp file called as a source for a Javascript file like this:
<script language="Javascript" src="/jsp/misc/getRoles.jsp"></script>
This file loads a users roles into a javascript array from LDAP. We're using that plus some additional javascript to add custom icons to the page, pretty much without any modification to Luminis except adding that above line in the <head> section of the regularLayout template in nested-tables.xsl.
we call one before successful login
If it is any help, we put an intermediate jsp in.
The login page calls our intermediate.jsp instead of the sungard login app.
The jsp then passes the form data to the sugard login app.
It depends what you want the jsp to do.
The one thing that we do to make it easier :- place the jsp so that the main webserver delivers it, rather than the portal web app. This means that you do not have to set up all of the rules about whether a Portal session is in place or not.
Derek
University of Leeds, UK
How do you do that post?
I am working on my own login process that replaces the default Luminis one. My final "enter your password" form merely posts (via an HTML form) to `/cp/home/login`. Are you posting to something else? And are you doing this as a redirect from within your JSP code?
we post to a jsp
We post to our own jsp from our own login page (incorporating some jQuery - which I am going to learn how to use then I have time...)
The jsp then posts on to the Luminis login entry (the same page that the default Luminis login page posts to)
Derek
University of Leeds, UK
"The jsp then posts on to the
"The jsp then posts on to the Luminis login entry"
That's what I'm asking about. How are you doing the post to the default Luminis login?
I don't know a whole lot of Java, so I haven't been able to figure out anyway to do what I really want to do. What I am doing is implementing two-factor authentication to access our portal. So, step #1 the user enters their username and clicks a "Sign In" button. This takes them to step #2 where they confirm a unique key that they have chosen and then enter their password. On step #2 the user clicks a second submit button to finish the login process.
The form on step #2 does not post back to my own JSP code. This form posts back to the default Luminis login. What I _want_ to do is post back to my own JSP code which will do the post on the user's behalf and then do a proper redirect. Is this what you are doing? If so, how do you do that? Or are you doing what I already have implemented?
what we do
> "The jsp then posts on to the Luminis login entry"
>
> That's what I'm asking about. How are you doing the post
> to the default Luminis login?
Sorry, I will attempt to be clear - but we probably are not trying to do the same thing as you.
We modify the login page so that the form ends up being
<form id="cplogin" action="https://leedsportal.leeds.ac.uk/uollogin/checkAD.jsp" method="post" onsubmit="return false;">
The uollogin is a symbollic link (Solaris) to have a jsp that is served directly (rather than by the Luminis webapp).
The contents of the checkAD.jsp are:
response.addHeader("cache-control", "no-store"); // we use 5 headers to stop cache
String user=request.getParameter("user"); // get the form parameters
String pass=request.getParameter("pass");
// lots of stuff
// then we actually use javascript - I didn't realise that!
<html><head><title>Login for <%= user %></title></head>
<body onload="document.forms.cplogin.submit();">
// and the Luminis login form pretty much as in the original.
I understand now
You are essentially doing the same thing I am doing. Thank you for clarifying.
revisiting this was good
I am glad that you gave me the opportunity to look at how we actually do this.
The solution we came up with surprised me slightly, but all the effort went into writing code to interact with the Ldap from within the jsp.
Unfortunately, like everything, we had to put a solution in place quickly so that problems with AD and Ldap getting out of sync didn't mount up.
Derek
University of Leeds, UK
We use a hidden iframe
At CSU we use a hidden iframe to include an "iperson.jsp" (described athttp://www.lumdev.net/node/2672) that is stored in `$CP_ROOT/webapps/luminis/`. We add this iframe to the portal layout by way of our channel.xsl file in `$CP_ROOT/webapps/luminis/WEB-INF/uPortal/org/jasig/portal/channels/cpicons/`.