JSP Authentication with the Method Server

During development for a customer, they wanted to access a JSP page that would execute some server-side code. The problem was that the page was being accessed by a program developed by the customer, so no user interaction could occur for authentication on Windchill's end.

The requirements prevented the code from being placed in the netmarkets folder or wtcore, but authentication was still required to execute the server-side code. Experimenting with automatic authentication caused a variety of errors:

• wt.method.AuthenticationException
• wt.method.MethodServerException: no active method context
• wt.util.WTContextNestingException

Finally, the code that worked:

<%@ include file="/netmarkets/jsp/util/context.jsp" %>
<% 
try
{
GatewayAuthenticator auth = new GatewayAuthenticator();
wt.org.WTPrincipal admin = SessionHelper.manager.getAdministrator();
auth.setRemoteUser(admin.getName());
wtcontext.setAuthentication(auth);
SessionHelper.manager.setAdministrator();
...
%>

Some code will still need to be executed through a service so that it executes inside the Method Server, but with the above code, it will execute without causing authentication or context errors.

Be careful of the above code because all code will execute as the administrator. If access control is needed then the code needs modified to reflect the current user.