0

I'm trying to get the user's identity from an adapter and I see that the documentation mentions two different APIs that look like having equivalent descriptions to me: getActiveUser and getCurrentUserIdentity.

Looks like the first one needs a realm as a parameter: https://stackoverflow.com/a/17018349/239408. I don't know about the other one.

The documentation also refers to a strong identity concept that I haven't seen described anywhere.

Should I prefer one method over another? When should I expect to have a "strong identity" and not get back a null?

Community
  • 1
  • 1
xverges
  • 4,608
  • 1
  • 39
  • 60

1 Answers1

2

When you have multiple realms, each one of them will have a userId. e.g. realm used for authenticating users will have userIdentity that describes user properties, i.e. username, date of birth, displayName. realm used for authenticating devices will have userIdentity describing device properties, i.e. deviceId, platform, OS version etc. getActiveUser(realm) will get you a userIdentity of the specified realm. if you do getActiveUser("wl_deviceNoProvisioningRealm") you'll get identity of the device (assuming you are using wl_deviceNoProvisioningRealm).

getCurrentUserIdentity() and getCurrentDeviceIdentity() APIs are built on top of getActiveUser(). You don't have to specify explicitly which realm is used to identify user and which realm is used to identify device, WL server will do this for you and you'll automatically get userIdentity of current user and userIdentity of current device.

Anton
  • 3,166
  • 1
  • 13
  • 12
  • Thanks, @Anton. So I'll use `getCurrentUserIdentity()` and the code won't need to care about the contents of `authenticationConfiguration.xml`, as long as it defines some security test with `isInternalUserID="true"` set. But I'm still puzzled by the description in the documentation and its references to **strong identity**. Could you please elaborate on that? – xverges Feb 11 '15 at 17:38
  • 1
    just ignore the "strong" word :) – Anton Feb 11 '15 at 23:31
  • :-) Thanks, @Anton. So, am I safe ignoring both "strong" and the section between parenthesis from _If there is no strong identity associated with the user (the user was authenticated in this session or in a previous session), the method returns null_? Because if what's between parenthesis occurs, I would think that the user does have an identity associated, doesn't he? – xverges Feb 12 '15 at 06:27
  • null will return in case user is not authenticated. – Anton Feb 12 '15 at 06:55
  • Thanks for your time. I guess that the docs need some cleanup for these two methods. – xverges Feb 12 '15 at 07:31