Retrieve currentUser in custom java login action

1
I'm trying to implement a custom login action. When i login my custom java action is indeed used. The problem is that I need information of the anonymous user object that is trying to login. I tried retrieving this using: IUser currentUser = this.getContext().getSession().getUser(); But currentUser is always null. Any idea's what i'm doing wrong? Update January 7th 2012 I don't really understand how the sign-in microflow should be used. The sign-in microflow is executed when an end-user: Uses your application without signing in (thus as an anonymous user), and then clicks a button for which she does not have access, which causes a sign-in screen to appear, and then signs in to your application. Source: https://world.mendix.com/display/refguide4/Project+Security But how can an anonymous user click on a button for which he does not have access? These buttons are filtered out but the platform, since the anonymous user does not have permissions. Also the sign in microflow is never called from my custom java login action. So i still can't access the anonymous user that tried to login. I also noticed that when a user directly open the login.html, no anonymous user is created at all. Update January 8th 2012 So i figured it out. The anonymous username can be retrieved through the session. Below some code snippets to show how i solved it. public MyLoginAction(Map<String,? extends Object> params) { this.userName = (String)params.get("userName"); this.password = (String)params.get("password"); this.locale = (String)params.get("locale"); this.currentSessionId = (String)params.get("currentSessionId"); } === @Override public ISession executeAction() throws Exception { // get the username of the anonymous user that is trying to login ISession anonymousSession = getActiveSession(this.currentSessionId); if(null == anonymousSession) { throw new AuthenticationRuntimeException("Login FAILED: No session exists for user."); } IUser anonymousIUser = anonymousSession.getUser(); String anonymousUsername = anonymousIUser.getName(); ...... } === /** * Get the active session from the list of all actives sessions based on a session id * @param sessionId The sessionId to look for * @return The session with the specified sessionId */ private ISession getActiveSession(String sessionId) { Collection<? extends ISession> sessions = Core.getActiveSessions(); for (ISession iSession : sessions) { String sId = iSession.getId().toString(); if(sId.equals(sessionId)) { return iSession; } } return null; }
asked
2 answers
0

Go to project security, anonymous users, choose sign-in microflow. This microflow has 2 parameters: AnonymousUser and SignedInUser.

answered
0

I don't really understand how the sign-in microflow should be used.

The sign-in microflow is executed when an end-user:

  1. Uses your application without signing in (thus as an anonymous user), and then
  2. clicks a button for which she does not have access, which causes a sign-in screen to appear, and then
  3. signs in to your application.

Source: https://world.mendix.com/display/refguide4/Project+Security

But how can an anonymous user click on a button for which he does not have access? These buttons are filtered out but the platform, since the anonymous user does not have permissions.

Also the sign in microflow is never called from my custom java login action. So i still can't access the anonymous user that tried to login.

I also noticed that when a user directly open the login.html, no anonymous user is created at all.

answered