+

Search Tips   |   Advanced Search


Enable user impersonation

The Impersonation feature allows a user such as a support specialist to access a user's system to test out a new page, portlet, etc. and to see any issues as they occur on the end user system. Portal Access Control controls the ability to impersonate another user. To be able to impersonate another user, have Delegator@User access. You first need to enable the impersonation feature within WebSphere Portal.

To enable user impersonation:

  1. Log on to the WAS or Network Deployment Administration Console.

  2. To enable the Impersonation feature:

    1. Navigate to Resources > Resource Environment > Resource Environment Providers > WP Authentication Service > Custom Properties.

    2. Click New.

    3. Enter logout.explicit.filterchain in the Name field.

    4. Enter com.ibm.wps.auth.impersonation.impl.ImpersonationLogoutFilter in the Value field.

    5. Click Apply and then click Save to save the changes directly to the master configuration.

    6. Navigate to Resources > Resource Environment > Resource Environment Providers > WP PortletServiceRegistryService > Custom Properties.

    7. Click New.

    8. Enter jndi.com.ibm.portal.portlet.service.impersonation.ImpersonationService in the Name field.

    9. Enter com.ibm.wps.portletservice.impersonation.impl.ImpersonationServiceImpl in the Value field.

    10. Click Apply and then click Save to save the changes directly to the master configuration.

  3. Cycle the WebSphere_Portal server.

  4. Use the following sample to develop a portlet that you will use to impersonate a user: 

    import com.ibm.portal.portlet.service.impersonation.ImpersonationService;
... 
com.ibm.portal.portlet.service.PortletServiceHome psh;
javax.naming.Context ctx = new javax.naming.InitialContext(); 
try 
{  
   psh = (PortletServiceHome) 
   ctx.lookup(ImpersonationService.JNDI_NAME); 
} catch(javax.naming.NameNotFoundException ex) 
{ 
    // error handling 
} 

// obtain the service object and use the service  
ImpersonationService impersonationService = (ImpersonationService) 
psh.getPortletService(ImpersonationService.class);  
try {  
impersonationService.doImpersonate(request, response, stringuserDN); } 
catch (Exception e) 
{ 
// error handling 
}

    You can either enter the information of the User you want to impersonate in a string or you can use the PUMA SPI User object.

  5. To assign the Delegator role to a user:

    1. Log on to WebSphere Portal as the Administrator.

    2. Click Administration.

    3. Click Access > User and Group Permissions.

    4. Click Users.

    5. Search for the user you want to assign as Delegator.

    6. Click the Select Resource Type icon for the required user.

    7. Navigate to the page that contains the Virtual Resources option, using the Page Next button and click that link.

    8. Navigate to the page that contains the USERS option and click the Assign Access icon.

    9. Select the Explicitly Assign check box for the Delegator role.

    10. Click OK.

    11. Verify that the required user now has User and Delegator access.

The user(s) with the Delegator role can now impersonate another user.


Parent topic:

Users and groups


Related concepts


Controlling access
Develop portlets
Auditing


Related information


Users and groups