0

I tried to get password for the particular profile, but I'm struggling to do so.

My friends suggested that we can get profile information when we pass profile id. Can any one help me how to do this?

Here is a code snippet of what we've done so far using profileId:

Repository repository = getConnection();
RepositoryView view=repository.getView("user");
RqlStatement stat=RqlStatement.parseRqlStatement("email=?0");
Object param[]={resetEmail};
RepositoryItem[] emailCheck=stat.executeQuery(view, param);
Map profile= new HashMap();
profile.put("userId",profileId);

Please help me get profile information when we pass profile id.

radimpe
  • 3,197
  • 2
  • 27
  • 46
Mani
  • 1
  • 1
  • 8
  • hi @rapidmpe i need some answer regarding this question help me out.. – Mani May 22 '14 at 09:42
  • Is your intention to send the user's current password to them by email? If so, you can not. The password is hashed. Or is your intention to reset the user's password? – Vihung Jan 06 '15 at 12:18

1 Answers1

1

First of all, in ATG the Profile's password is hashed to prevent any malicious attacker from reading it in clear text. Depending on your ATG version it will be hashed in MD5 or SHA-1 plus some salt, so you will NOT be able to see a clear text password.

Second, why do you need to access the password? If you have a specific requirement, such as logging the user in, post it and I will be able to assist.

That said, assuming that you have a valid scenario where you need to access the hashed password, how to do it depends on whether you just need the password of the user that is logged in, or some other user.

For the currently logged in user, you just need to resolve the /atg/userprofiling/Profile component, and do

String password = (String) profile.getPropertyValue("password");

Obviously the "password" string should replaced with a constant or with the Profile propertyManager, depending on your project's coding practices.

If you want to access the password (remember, you can't access the clear text password, only the hashed version of it) of any other user, you need to locate the user first. The /atg/userprofiling/ProfileItemFinder component has tools to help you with these, so you'll have to inject it into whatever component you are writing:

RepositoryItem user = profileItemFinder.findByEmail("your@email.com", "user")[0];
String password = (String) user.getPropertyValue("password");

Hope this helps.

Edit If all you have is the profile id, you can use the following snippet after injecting the /atg/userprofiling/ProfileTools component:

Profile user = profileTools.findProfile("profile id");
String password = (String) user.getPropertyValue("password");
Gustavo Recio
  • 43
  • 4
  • is there any other way like like 'if we pass the profile id and can get the profile password'?... – Mani May 22 '14 at 09:31
  • Yes, in that case you can use the 'ProfileTools' component to lookup the profile item by id: profileTools.findProfile(id), and then do the getPropertyValue – Gustavo Recio May 22 '14 at 12:19
  • i want to do reset my password functionality thats why i asked to get password and note these will happen when the user in not login... – Mani May 30 '14 at 07:37