Ok, this JPS uses a ugly hack to extract the UID (which is the first component) from the DN returned by OpenSSO.

<code java>
  See the License for the specific language governing permissions and
<html>
<body>
<%@ page import="java.util.*" %>
<%@ page import="javax.servlet.http.Cookie" %>
<%@ page import="java.net.URLDecoder" %>
<%@ page import="com.iplanet.sso.*" %>
<%@ page import="com.iplanet.sso.providers.dpro.SSOProviderBundle" %>
<%@ taglib uri="http://jakarta.apache.org/tomcat/examples-taglib" prefix="eg"%>

<%!
       private HashMap getCookieMap(HttpServletRequest request) {
                HashMap cmap= new HashMap();
                Cookie cookies[]= request.getCookies();
                for ( int i= 0 ; i < cookies.length ; i++ ) { 
                        String cname= cookies[i].getName();
                        cmap.put( cname, cookies[i] );
                }
                return cmap;
        }
%>
<%
   HashMap cookies = getCookieMap(request);
   String COOKIE_NAME = "iPlanetDirectoryPro";
   Cookie cookie = (Cookie) cookies.get(COOKIE_NAME);
   String tokenid = cookie.getValue();
   String userName;
       
   tokenid = URLDecoder.decode (tokenid, "ISO-8859-1" );
                
   SSOTokenManager stm= SSOTokenManager.getInstance();
   SSOToken st = stm.createSSOToken( tokenid );
   userName = st.getPrincipal().getName();
   userName = userName.substring( userName.indexOf( "=" ) + 1, userName.indexOf( "," ) ).toLowerCase();
%>              
Username: <%= userName %>
</body>         
</html> 
</code>