User's attribute such as email

How to retrieve user’s attribute (e.g. email) from PSO extension, knowing IPSRequestContext? I would like to retrieve user’s email for some hidden content field.

I assume that you’re talking about the currently logged in person? I would do something like (not tested):


IPSRequestContext reqCtx = (IPSRequestContext)request.getAttribute("RX_REQUEST_CONTEXT");
String userName = reqCtx.getUserName();
Set emails = reqCtx.getSubjectEmailAddresses(userName, "",Integer.toString(reqCtx.getSecurityToken().getCommunityId()));

I want to expand this a bit.

Say the user is an active directory (AD) user, and the user has some attributes such as attr1, attr2 defined in the AD. How can I retrieve attr1 and attr2 values? Can I use getSubjectGlobalAttributes of the IPSRequestContext to retrieve the AD attributes.

I would write my own extension (and have done so… to get ldap attributes). I am under the assumption that you also haven’t written your own login module (and catalogers), so you aren’t passing back more information (other than the defaults which pass back the name and email)

You can configure the system to return additional attribute values from the directory. These end up in the results of the call to IPSRequestContext.getSubjectGlobalAttributes(). To configure, in the Admin client, edit the Directory and add the attribute names to the “Return attributes” list for the attributes you want to retrieve values for. See the Rhythmyx Administration Manual, Chapter 6, Maintaining Users - go to the section on “Maintaining Directory Configurations” (page 97-98) - this info is for the v6.7 doc, but this functionality has been available back through v5.

One more thing - to retrieve the value of an email address attribute in particular, if you’ve specified the email address attribute name in the Directory Set configuration, then you can also call IPSRequestContext.getSubjectEmailAddresses(String, String, String) to get a user’s email address - in this case, leave the second parameter for emailAttributeName empty to use the LDAP attribute name you’ve defined in the Directory Set.