Copy link to clipboard
Copied
I've been given a task to integrate a CF application with an authentication process that is Java-based. We have been provided with a set of filters that are key to this process. According to the documentation
"...each of the filters places an EntRegSSOToken object into the HttpSession and HttpRequest contexts for use by the integrating application code. The EntRegSSOToken object is the key integration point for an integrating application. The requestor’s eReg identity should be obtained from this object. Below is a small snippet of code showing how an application can determine the requestor’s eReg identity."
(EntRegSSOToken is a class contained in a provided .jar file.)
Here's the sample code snippet:
String eRegUserId = null;
EntRegSSOToken entRegSSOToken = null;
entRegSSOToken = (EntRegSSOToken) session.getAttribute(EntRegSSOToken.REQUEST_KEY);
if(entRegSSOToken != null) {
if(entRegSSOToken.isNewUserLoggedIn()) {
// code to handle a user that logged out elsewhere and logged in as
// a different user. Typically, all data stored in session context
// for the previous user needs to be cleaned up and initialization
// done for the newly logged in user.
eRegUserId = entRegSSOToken.getUserId();
} else if(entRegSSOToken.isExpired() {
// code here to handle an expired session. This should not happen
// since the session filter should handle it.
} else {
eRegUserId = entRegSSOToken.getUserId();
}
}
If(eRegUserId == null) {
// code here to handle a non-logged in user
} else {
// code here to handle a logged in user
}
I was hoping I might be able to access this token using ColdFusion but I don't have a clue as to how to go about that. I think maybe the GetPageContext() function might provide the key but I haven't been able to determine just how I would leverage that. If anyone could provide any insight as to how I could leverage that function (or any other means) to provide the functionality in the example it would be greatly appreciated.
Thanks,
Ken
Copy link to clipboard
Copied
That is possible. Your ColdFusion version?
Copy link to clipboard
Copied
BKBK, thanks for your interest. The version as reported in CF Administrator is 9,0,0,251028.
Ken
Copy link to clipboard
Copied
You can get to the HttpRequest via getPageContext().getRequest() and HttpSession using getPageContext().getRequest().getSession() You need to know the value of EntRegSSOToken.REQUEST_KEY in order to read the object from the session object. In order to do that from CF you will need the full class name including the package, eg com.example.packagename.EntRegSSOToken, so your code in CF might look like this: etc.
Copy link to clipboard
Copied
Sorry my code was stripped out, try something like this (using cfscript):
entRegSSOToken = createObject("java", "com.example.something.EntRegSSOToken");
request_key = entRegSSOToken.REQUEST_KEY;
entRegSSOToken = getPageContext().getRequest().getSession().getAttribute(request_key);
if(NOT IsNull(entRegSSOToken)) {
if(entRegSSOToken.isNewUserLoggedIn()) {
// code to handle a user that logged out elsewhere and logged in as
// a different user. Typically, all data stored in session context
// for the previous user needs to be cleaned up and initialization
// done for the newly logged in user.
eRegUserId = entRegSSOToken.getUserId();
} else if(entRegSSOToken.isExpired() {
// code here to handle an expired session. This should not happen
// since the session filter should handle it.
} else {
eRegUserId = entRegSSOToken.getUserId();
}
}