After successful authentication the application can access users’ principal information using standard servlet APIs. To illustrate that, make the following changes to the HelloWorldServlet
:
/**
* @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
*/protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
{
String user = request.getRemoteUser();
if (user != null)
{
response.getWriter().println("Hello, " + user);
}
else
{
LoginContext loginContext;
try
{
loginContext = LoginContextFactory.createLoginContext("FORM");
loginContext.login();
response.getWriter().println("Hello, " + request.getRemoteUser());
}
catch (LoginException ex)
{
ex.printStackTrace();
}
}
}
/**
* @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
*/
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
{
doGet(request, response);
}
Note: The reason we also had to implement the doPost()
method is related to specifics of the SAML 2.0 authentication process flow. For more information please refer to the respective parts of the SAP Cloud Platform online documentation.