Creating a custom security adapter class
Extend the iPortal security adapter class to customize authentication. The iPortal security adapter requires access to the following libraries:
iPortalSecurityAdapter provides a set of empty methods. Extend this class and override any of the methods to provide custom IPSE authentication. To establish a secure session with Information Console using a custom security adapter, the following methods are required:
The login module of the Java Component calls methods in the custom security class to perform authentication and to retrieve login credentials. The authenticate( ) method returns a boolean value to indicate whether the login credentials provided are acceptable. The getter methods return the authenticated credentials. Each user name and password must correspond to an authentic user account. For example, to support a URL that authenticates using a single parameter, code, override authenticate( ) to retrieve the parameter from the HttpServletRequest and set the user name, password, and home folder as in the following class:
import javax.servlet.http.*;
public class SecurityCode extends {
  private String userName = null;
  private String password = null;
  public SecurityCode( ) {}
  public boolean authenticate( HttpServletRequest httpservletrequest) {
    String param = httpservletrequest.getParameter("code");
    boolean secured = true;
    if ("12345".equalsIgnoreCase( param )) {
      userName = "user1";
      password = "user1";
    } else if ("abc".equalsIgnoreCase( param )) {
      userName = "BasicUser";
      password = "";
    } else {
      secured = false;
    return secured;
  public String getUserName() { return userName; }
  public String getPassword() { return password; }
  public String getUserHomeFolder() { return userName; }
  public byte[] getExtendedCredentials() { return null; }
  public boolean isEnterprise() { return false; }
Users or pages attempting to authenticate a session with a Java Components application that implements the security adapter above must use URL parameters defined in the authenticate method. Because Java Components have no native security, a custom adapter becomes the sole security module.

Additional Links:

Copyright Actuate Corporation 2012