2 Replies Latest reply on Oct 3, 2014 9:19 AM by Dimitris Mouchritsas

    Custom SP with SAML

    Dimitris Mouchritsas Newbie

      Hi all,

      I'm trying to create a small custom example web application to be used as a Service Provider. I have successfully managed to configure it to use the current IDP deployed (basic idp quickstart) to perform the authentication and redirect back to the SP.


      However, I would like to get the user and the roles he has in a Struts2 action. I'm using the struts2-cdi plugin and I've successfully injected Identity and DefaultLoginCredentials (by successful I mean they're not null) in the action; however, when I try to get the logged-in user, everything is null:


      // Injected by CDI through the struts2-cdi plugin
      @Inject
      Identity identity;

      @Inject
      DefaultLoginCredentials user;

      public String execute() {
          LOG.info("HomeAction execute()");

          // Credentials bean: validated account and user id
          if (user != null) {
              LOG.info("User injected");
              Account account = user.getValidatedAccount();

              LOG.info("Crendials: " + user.toString());
              LOG.info("Account: " + account);
              LOG.info("UserId: " + user.getUserId());
          }

          // Identity bean: login state, account and its attributes
          if (identity != null) {
              LOG.info("Identity Injected");
              LOG.info("isLoggedIn? " + identity.isLoggedIn());
              if (!identity.isLoggedIn()) {
                  LOG.info("Crendials after login: " + user.toString());
              }
              Account account = identity.getAccount();
              LOG.info("Account: " + account);
              // The account may be null here, so guard the attribute loop
              if (account != null) {
                  Collection<Attribute<?>> attrs = account.getAttributes();
                  for (Attribute<?> attr : attrs) {
                      LOG.info("Name: " + attr.getName() + ", Value: " + attr.getValue());
                  }
              }
          } else {
              LOG.info("Identity is null");
          }

          return SUCCESS;
      }


      Is there a way to do this? What I'm trying to achieve is to get the username and the user's list of roles.

      I saw that I can use request.getUserPrincipal() which suits me fine for the user, but there was no method for getting the list of roles. request.isUserInRole("rolename") is not good enough for our purposes.


      Thank you
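
Added example, not part of the original post and not the project's own API: in SAML 2.0 the user name and the full role list reach the SP inside the assertion (the NameID and an AttributeStatement), so they can be read from there rather than probed one role at a time with isUserInRole. It assumes the assertion's signature and conditions have already been validated and that the document passed in is exactly that validated assertion; the class name, the sample assertion and the attribute name `Role` are constructed for illustration.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.List;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

public class AssertionRoles {
    static final String SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion";
    // Constructed sample assertion (unsigned, for illustration only).
    static final String SAMPLE =
        "<saml:Assertion xmlns:saml='" + SAML_NS + "' ID='ID_constructed' Version='2.0'>"
      + "<saml:Subject><saml:NameID>jdoe</saml:NameID></saml:Subject>"
      + "<saml:AttributeStatement><saml:Attribute Name='Role'>"
      + "<saml:AttributeValue>manager</saml:AttributeValue>"
      + "<saml:AttributeValue>employee</saml:AttributeValue>"
      + "</saml:Attribute></saml:AttributeStatement></saml:Assertion>";

    static Document parse(String xml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        // Assertions are untrusted input: refuse DTDs so external entities are never resolved.
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        return f.newDocumentBuilder().parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)));
    }
    // Subject name, or null when the assertion carries no NameID.
    static String subject(Document d) {
        NodeList ids = d.getElementsByTagNameNS(SAML_NS, "NameID");
        return ids.getLength() == 0 ? null : ids.item(0).getTextContent().trim();
    }
    // Every AttributeValue of the attribute with the given Name (multi-valued roles).
    static List<String> roles(Document d, String attrName) {
        List<String> out = new ArrayList<>();
        NodeList attrs = d.getElementsByTagNameNS(SAML_NS, "Attribute");
        for (int i = 0; i < attrs.getLength(); i++) {
            Element a = (Element) attrs.item(i);
            if (!attrName.equals(a.getAttribute("Name"))) continue;
            NodeList vals = a.getElementsByTagNameNS(SAML_NS, "AttributeValue");
            for (int j = 0; j < vals.getLength(); j++) out.add(vals.item(j).getTextContent().trim());
        }
        return out;
    }
    public static void main(String[] args) throws Exception {
        Document d = parse(SAMPLE);
        System.out.println(subject(d) + " -> " + roles(d, "Role"));
    }
}
```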