Obtaining the User ID from the Context

Use

To check for the appropriate permissions in the EJB methods, you need access to the user ID to be checked. You can obtain the currently logged-on user from the session context by using the getCallerPrincipal() and getName() methods. You then need to convert this user ID, which is a string value, to the IUser type from the UME’s UserFactory. The method to use for this purpose is getUserByUniqueName().

Prerequisites

The J2EE perspective is displayed in the SAP NetWeaver Developer Studio.

The quick car rental application’s EJB project, J2EE_QuickCarRentalEjb, is displayed in the J2EE Explorer.

Procedure

       1.      Expand J2EE_QuickCarRentalEjb → ejb-jar.xml.

       2.      Open the QuickOrderProcessorBean by selecting it with a double-click.

The EJB’s information appears in the multi-page editor.

       3.      Choose the Bean tab page.

The source code for the EJB appears in the editor.

       4.      Add the following imports for the UME factory to the list of imports.

import com.sap.security.api.IUser;
import com.sap.security.api.UMException;
import com.sap.security.api.UMFactory;

       5.      Obtain the user’s ID and convert it to the IUser type using the following code. Add this code to the saveBooking(), cancelBooking(), and viewActiveBookings() methods. See the examples below.

Method saveBooking()

public QuickBookingModel saveBooking(
   String vehicleTypeId,
   String dateFromString,
   String dateToString,
   String pickupLocation,
   String dropoffLocation)
   throws QuickCarRentalException {

   // Resolve the caller's principal name to a UME IUser object.
   // Note: user is local to this try block.
   try {
      String username = myContext.getCallerPrincipal().getName();
      IUser user =
         UMFactory.getUserFactory().getUserByUniqueName(username);
   } catch (UMException e) {
      throw new QuickCarRentalException("Could not get user name.");
   }
   Date dateFrom = getDate(dateFromString);
   Date dateTo = getDate(dateToString);
...

Method cancelBooking()

public String cancelBooking(String bookingId)
   throws QuickCarRentalException {

   try {
      // Resolve the caller's principal name to a UME IUser object.
      String username = myContext.getCallerPrincipal().getName();
      IUser user =
         UMFactory.getUserFactory().getUserByUniqueName(username);
      try {
         QuickBookingLocal booking =
            bookingHome.findByPrimaryKey(bookingId);
         booking.setStatus(Constants.STATUS_CANCELLED);
      } catch (FinderException e) {
         e.printStackTrace();
         throw new QuickCarRentalException(e.getMessage());
      }
   } catch (UMException e) {
      throw new QuickCarRentalException("Could not get user name.");
   }
   return bookingId + " cancelled.";
}

Method viewActiveBookings()

public QuickBookingModel[] viewActiveBookings()
   throws QuickCarRentalException {
   ArrayList bookings = new ArrayList();

   // Resolve the caller's principal name to a UME IUser object.
   try {
      String username = myContext.getCallerPrincipal().getName();
      IUser user =
         UMFactory.getUserFactory().getUserByUniqueName(username);
   } catch (UMException e) {
      throw new QuickCarRentalException("Could not get user name.");
   }

   try {
      Collection active =
         bookingHome.findByStatus(Constants.STATUS_ACTIVE);
      for (Iterator iterator = active.iterator(); iterator.hasNext();) {
         bookings.add(
            getBookingModel((QuickBookingLocal) iterator.next()));
      }
   } catch (FinderException e) {
      e.printStackTrace();
      throw new QuickCarRentalException(e.getMessage());
   }
   QuickBookingModel[] result =
      new QuickBookingModel[bookings.size()];
   bookings.toArray(result);
   return result;
}

       6.      Save the data.

Result

The EJB has access to the user ID that it is to use for checking for permissions.

Next Step:

Checking the Permission in the EJB Methods