11 Replies Latest reply on Nov 29, 2013 9:07 AM by ashwini k

    Servlet calling java:portal/UserModule

    Foong Kim Newbie

      Hi there, i have one portal running on Jboss and one is the servlet. In my servlet, i will required to call the usertable in JBP_USer to verify the user registered already or not?

      Thus, below is part of the coding...

      try
      {
      UserModule userModule = (UserModule) new InitialContext().lookup("java:portal/UserModule");
      User temp_user = userModule.findUserByUserName(username);
      authenticateUser = temp_user.validatePassword(password);

      }
      catch (Exception e)

      I have not problem on loading the JNDI UserModule. But once i call the findUserByUseName(), i was thrown an error:
      org.hibernate.HibernateException: Unable to locate current JTA transaction
      at org.hibernate.context.JTASessionContext.currentSession(JTASessionContext.java:61)
      at org.hibernate.impl.SessionFactoryImpl.getCurrentSession(SessionFactoryImpl.java:544)
      at org.jboss.portal.identity.db.HibernateUserModuleImpl.getCurrentSession(HibernateUserModuleImpl.java:298)
      at org.jboss.portal.identity.db.HibernateUserModuleImpl.findUserByUserName(HibernateUserModuleImpl.java:90)
      at my.mimos.servlet.ProfileSendServlet.doGet(ProfileSendServlet.java:96)

      SO, basically if i understand correctly, it's pointing to me can not load the user transaction. Can you help me or suggest any solution to me?

      thank you

        • 1. Re: Servlet calling java:portal/UserModule
          Antoine Herzog Master


          Globally, you need to provide a transaction to the UserModule.

          more detail :
          the UserModule uses hibernate to query the database about the user.
          it will do so inside a JTA transaction, for all the advantages of using transactions with database processing.

          but, the user module does not build it's own transaction.
          it must be provided by the container.

          the container provide the transaction to any instance who ask for it.
          This is usually done by injection.

          in the portlets, the injection of the transaction is done by adding the "transaction required" element in the portlet descriptor. This is in the jboss-portlet.xml description file.
          you can see this in the jboss-portlet.xml that is in the identity module (see the identity sar)

          in your servlet, there is no (not yet) the transaction injection, for the user module.

          you have to tell that your servlet processing needs a transaction.

          that's where I am not sure anymore : I don't know much about the servlet.

          but I guess that with some annotation, you should get this transaction injected on the servlet methods etc...

          search in the web about : transaction injection servlet tomcat etc...

          look also about the transaction manager of jboss : may be also possible to call it by jndi and get the current transaction for the current thread etc...

          look also at hibernate / transaction / injection etc...

          hope this help for a start





          • 2. Re: Servlet calling java:portal/UserModule
            Foong Kim Newbie

            yes, i got what you mean. this is my latest code change after i have also search the forum in here. BUt then another problem occur...

            Transaction transaction = null;
            Session session = null;
            SessionFactory identitySessionFactory = null;
            try
            {
            identitySessionFactory = (SessionFactory) new InitialContext().lookup("java:/portal/IdentitySessionFactory");
            session = identitySessionFactory.openSession();
            transaction = session.beginTransaction();

            UserModule userModule = (UserModule) new InitialContext().lookup("java:portal/UserModule");

            System.out.println("$$$$$$$$ " + userModule.findUserByUserName("admin"));
            // User temp_user = userModule.findUserByUserName("foongkim");
            // authenticateUser = temp_user.validatePassword(password);
            }
            catch (Exception e)

            The NullPointerException throw to me. pointing to
            >> session = identitySessionFactory.openSession();

            in my project,i have included the portlet-indentity-lib.jar which is from [JBOSS_HOME]/deploy/Jboss-portal.sar/lib

            what else i missed out?

            • 3. Re: Servlet calling java:portal/UserModule
              Antoine Herzog Master

              I don't know exactly, but I would not do like that.

              I don't think that using a identitySessionFactory.openSession() is the proper way.

              1) did you search the forum post before you posted your question ?
              I am quite sure there is some post about this kind of things.

              2) to be able to know if the user is registered or not, you can use the security feature and not the directly rebuild it with the user module, etc...
              The getPrincipal() method of the servlet request is for that.
              may be it is not enough for what you need ?

              3) look at how the portlet servlet get the transaction, when the descriptor tells to the container to inject one.
              any portlet is also in a servlet : so the way it get the transaction is the best example to do it...

              • 4. Re: Servlet calling java:portal/UserModule
                Foong Kim Newbie

                hi, actually my main purpose is to find the user by username and if it's there then i check for the password passed in by the user.

                can the getPrincipal can do that??

                i have almost searched the entire achieve folder.. i saw this.. but there is where i got the solution from.

                http://www.jboss.com/index.html?module=bb&op=viewtopic&t=115399&postdays=0&postorder=asc&start=0

                • 5. Re: Servlet calling java:portal/UserModule
                  Foong Kim Newbie

                  another thing, i am using servlet to access the UserModule not from portlet. i believe the getPrincipal is only access by generic porlet

                  • 6. Re: Servlet calling java:portal/UserModule
                    Antoine Herzog Master


                    ok, the other post say it is ok to do it this way.
                    so why not.

                    but for your need, yes, getting the principal from the security checking is enough...
                    you don't need to reproduce the password checking etc....

                    get the principal :
                    you can get the principal from the portlet request...

                    and also from the servlet request...

                    so, yes, you can get it from your servlet, even if out of any portlet or so.

                    in fact, the JBoss Portal relies on JAAS/Tomcat integration for setting up the Portal security.

                    the JAAS/Tomcat make the security authentification, then provide the principal to any servlet running under the security domain.

                    the principal is the same for the portlet and the servlet (read the JSR-168 about that).

                    look a HTTPServletRequest and the getPrincipal() method.

                    and how to use it to know if the user is logged in etc....

                    (I will be out of office for a while...)

                    • 7. Re: Servlet calling java:portal/UserModule
                      Foong Kim Newbie

                      Hi Antoine_h, i have follow the URL and that's where i encounter the problem at the first message i have posted..

                      NULL POinter exception.. and its driving me crazy....

                      i am thinking to direct access from the database... any ideas how?

                      • 8. Re: Servlet calling java:portal/UserModule
                        Antoine Herzog Master

                        bad idea....
                        (by the way, just a question : if you encounter a problem with the database, will you try to directly read the db file and decrypt it to get your info ?... just joking to try make you relax a little... and not go further in what I think is a wrong direction)

                        well, what I would recommend is :
                        - use the clean way : with the getPrincipal() from the servlet request
                        - but for this, I guess you have to read some doc about all this... to understand what's going on in the security process, and how to use it in your servlet.

                        you will make a real stable code and application,... and learn a lot about all this... for the next needs...

                        a few things to read that will be helpfull (if you have not read it yet... ;-) :
                        - the jsr-168 doc : look for the things about portlets and servlets "relation". (search for servlet word in the doc). this is really worthwhile.
                        - the portal documentation about login, security, the use of JAAS and Tomcat
                        - search the servelt api for things about the getPrincipal() method, on the servlet request.

                        ***************************
                        by the way, in your servlet, the getPrincipal() will return you a java principal, that is the one of the user logged in the portlet... only if the servlet is registered under the same tomcat security domains than the portlet.
                        I mean : the serlet can tell you if the portal user is logged, only if it is registered under the same security domain, with the portal.
                        Did you check this ?

                        about this : read about Tomcat and JAAS authentication process.
                        and look at how this is defined in the web.xml that define the portal main servlet.
                        basicaly, you may copy the configuration of the the portal main servlet, into the war of your servlet.

                        the file to look at are :
                        ...\deploy\jboss-portal.sar\portal-server.war\WEB-INF\jboss-web.xml
                        ...\deploy\jboss-portal.sar\portal-server.war\WEB-INF\web.xml
                        ...\deploy\jboss-portal.sar\conf\login-config.xml (but this one should not be usefull...)

                        hope it helps...




                        • 9. Re: Servlet calling java:portal/UserModule
                          Foong Kim Newbie

                          guys, problem solved.

                          the NULL Pointer is because in my eclipse project, i have included the hibernate3.jar and it's seems its crashed with the hibernate3.jar inside the JBoss app server.

                          after i have removed the hibernate in my project (as i will use the JBoss), everything is working fine means i can pull the information from the portal user.

                          Below is the complete code.

                          SessionFactory identitySessionFactory = null;
                          Session session = null;
                          Transaction transaction = null;
                          try
                          {
                          identitySessionFactory = (SessionFactory) new InitialContext().lookup("java:portal/IdentitySessionFactory");
                          session = identitySessionFactory.openSession();
                          transaction = session.beginTransaction();
                          UserModule userModule = (UserModule) new InitialContext().lookup("java:portal/UserModule");
                          User temp_user = userModule.findUserByUserName(username);
                          authenticateUser = temp_user.validatePassword(password);
                          session.clear();

                          }
                          catch (Exception e)
                          {
                          e.printStackTrace();
                          }
                          finally
                          {
                          if (transaction != null)
                          transaction.commit();
                          if (session != null)
                          session.close();
                          }

                          • 10. Re: Servlet calling java:portal/UserModule
                            Antoine Herzog Master

                            yes...
                            when you ask for the current transaction, it uses a static method of a special class to get the singleton transaction that is currently on.

                            if you have some hibernate jar in your project, ... then you have two classes loaded, in two class loader.
                            the one in jboss, and the one in the "webapp local class loader".

                            the jboss has an active transaction in the singleton, because it started it (that's it's job)
                            but the webapp local class loader has none.


                            good to hear you solved it.

                            • 11. Re: Servlet calling java:portal/UserModule
                              ashwini k Newbie

                              Hello,

                               

                              I used the code which you had given in my portlet. But it showing error as portal not bound.

                               

                              I am new to JBOSS, Can you please help me that in order to run the above code.

                               

                              Should i change any configuration xml files in JBOSS. Please help me out.

                               

                              at initial context the error is poinitng to.

                               

                              Thanks & Regards,

                              Ashwini