Jazz Forum Welcome to the Jazz Community Forum Connect and collaborate with IBM Engineering experts and users

use current user session to login another project through RTC PlugIn

PlugIn is configured in "project A". This PlugIn writes data to "Project B".
When using the "com.ibm.team.repository.client.ITeamRepository.login()", password should be hardcoded into the PlugIn.
Session user who invokes the plugin will be a member of Project B.
Is there any way to avoid hardcoding the password.
Can the current session be used by the PlugIn to login Project B ?

1

1 vote



2 answers

Permanent link
Hello, Chidambaram.

I have the similar problem and I am testing a possible solution. I have a extension executing in a project area and I make changes in other project area. After testing other solutions, I find a solution that possibly works. I use a internal server API instead the client API and I don't need the user password for it. You can get the user context in a extension with the "getTeamServiceContext()" method. This method returns a instance of the "com.ibm.team.repository.common.transport.ITeamServiceContext" interface. The "com.ibm.team.repository.service.internal.TeamServiceContext" internal class implements this interface. This internal class contains the current user. You can use the "pushImpersonation" static method in order to replace the current user. Finally you can use the "popImpersonation" static method in order to restore the original user.

public class MyParticipant extends AbstractService implements IOperationParticipant {
    public void run(AdvisableOperation operation, IProcessConfigurationElement participantConfig, IParticipantInfoCollector collector, IProgressMonitor monitor) throws TeamRepositoryException {
                                IContributorHandle contributorHandle = contributorService.fetchContributorByUserId("user.id.in.other.project.area");
                                IContributor contributor = auditableCommon.resolveAuditable(contributorHandle, ItemProfile.CONTRIBUTOR_DEFAULT, monitor);
                                IContributorRecordHandle contributorRecordHandle = contributorService.fetchContributorRecordByUserId(IContributorUserId.FACTORY.create(contributor.getUserId()));
                                IContributorRecord contributorRecord = auditableCommon.resolveAuditable(contributorRecordHandle, ItemProfile.<IContributorRecord> createFullProfile(IContributorRecord.ITEM_TYPE), monitor);
                                UUID[] contributorIdentityUUIDs = new UUID[contributorRecord.getIdentities().size()];
                                List<IContributorIdentity> contributorIdentities = contributorRecord.getIdentities();
                                TeamServiceContext context;

                                for (int i = 0; i < contributorIdentities.size(); i++) {
                                    IContributorIdentity contributorIdentity = contributorIdentities.get(i);

                                    contributorIdentityUUIDs[i] = contributorIdentity.getId();
                                }
                                context = TeamServiceContext.pushImpersonation(contributor.getUserId(), contributor.getItemId(), contributorRecord.getItemId(), contributorIdentityUUIDs);
                                try {
                                ...
                                <you can make changes in the other project area here>
                                ...
                                } finally {
                                    ((TeamServiceContext) getTeamServiceContext()).popImpersonation(context);
                                }

Until now this solution works for me, but I follow to test it because I find this solution recently.

0 votes


Permanent link
I am not aware that this is possible.

If the extension is a server extension, the extension runs in the context of the user that does the operation that triggers the extension and in the context of his permissions.

The current user would require permissions on Project B to perform the operation there.

0 votes

Comments

@rschoon,

Yes, it is a server extension. It is a follow-up action Operation Advisor configured in RTC Project A. Which method to use to login Project B. We cannot hardcode the password.

Your answer

Register or log in to post your answer.

Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.

Search context
Follow this question

By Email: 

Once you sign in you will be able to subscribe for any updates here.

By RSS:

Answers
Answers and Comments
Question details
× 10,926

Question asked: Jan 21 '16, 12:19 p.m.

Question was seen: 3,256 times

Last updated: Jan 27 '16, 12:17 p.m.

Confirmation Cancel Confirm