I have a weblogic server using an external LDAP as Provider for authentication. I than need to recover the groups that a specific user has associated with in an LDAP repository.
The login uses standard java notation:
<form method="POST" action="j_security_check">
<p>Username: <input type="text" name="j_username"/></p>
<p>Password: <input type="password" name="j_password"/></p>
<input type="submit" value="Login"/>
</form>
And after the login I can recover the Princial using: <%= request.getUserPrincipal() %>
But What I need now is to recover all associated groups for this principal from LDAP? Is it possible?
[]s
It may not be possible to get a list of all groups without using LDAP. JAAS APIs generally give you a way to ask whether the user belongs to a certain group but not to get all groups at once.
The best you may be able to do without accessing LDAP directly is something like
for (String group : allGroups) {
if (request.isUserInRole(group)) {
userGroups.add(group);
}
}
The performance hit should not be too bad if you do it once on session creation and then make userGroups session-scoped. (The container may well get all the groups on login.)