 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
Java Forum / Security / November 2003web application: how to get the currently logged in user?
Hi, i want to get the username of the currently logged in user (system login on a windows domain) with a jsp or a servlet. Can anybody help me? thanks...  Signaturebye Stephan... Stephan: This'll do it for you: String userSystemName = System.getProperty("user.name"); > Stephan: > > This'll do it for you: > String userSystemName = System.getProperty("user.name"); Did you test this? I wonder to know how a software which executes on a server can get the currently logged in user on a remote client machine using this command. For me, using a jsp or a servlet or a servlet, it is not directly possible to get the currently logged in user as the jsp or servlet is invoked through HTTP which is anonymous. Maybe did I missing the real intent of the initial question Frédéric >> Stephan: >> [quoted text clipped - 10 lines] > > Maybe did I missing the real intent of the initial question Yes. The OP did not specify whether he wanted the user currently logged in on the client or the user currently logged in on the server. --Mike Amling >>> Stephan: >>> [quoted text clipped - 15 lines] > > --Mike Amling Yes but he mentionned using JSP or servlets Frédéric > Gedin Fr?d?ric wrote: > > [quoted text clipped - 15 lines] > Yes. The OP did not specify whether he wanted the user currently > logged in on the client or the user currently logged in on the server. Sorry - my mistake: I meant the currently logged in user on the client side. Signaturebye Stephan... "Gedin Fr?d?ric" <frederic.gedin@free.fr> schrieb im Newsbeitrag news:3fbb954d$0$2806$626a54ce@news.free.fr... > > Stephan: > > [quoted text clipped - 10 lines] > > Maybe did I missing the real intent of the initial question No, that is exactly what I meant. I know that this is possible in combination with the IIS. That works afaik with the so called NTLM 'protocol'. Where the Browser sends the login information with a request. I wonder if there is a servlet or anything like that, that emulates the behavior of the IIS. Signaturebye Stephan... > No, that is exactly what I meant. I know that this is possible in > combination with the IIS. That works afaik with the so called NTLM > 'protocol'. Where the Browser sends the login information with a request. > I wonder if there is a servlet or anything like that, that emulates the > behavior of the IIS. Wedgetail claims to do that: http://www.wedgetail.com/jcsi/sso/ You didn't say you want it for free, did you ? Matthias SignatureMatthias Ernst CoreMedia - Smart Content Technology "Overall, JAXP is much like the rest of Java: a partial description intended to assist developers in using a single implementation" Have a look at http://jcifs.samba.org/src/docs/ntlmhttpauth.html. Only works with MS Internet Explorer. Patrick > Stephan: > > This'll do it for you: > String userSystemName = System.getProperty("user.name"); > Have a look at http://jcifs.samba.org/src/docs/ntlmhttpauth.html. > Only works with MS Internet Explorer. [quoted text clipped - 5 lines] >> This'll do it for you: >> String userSystemName = System.getProperty("user.name"); A more general solution could consist in implementing a filter in the application server which will invoke a SSO. It is more complicated but it works everywhere with a better security. A good example is documented here http://www-106.ibm.com/developerworks/web/library/wa-singlesign/ Frédéric > Have a look at http://jcifs.samba.org/src/docs/ntlmhttpauth.html. > Only works with MS Internet Explorer. Ok, i read this. But as I understand this is used to authorize the access to any file sharing. How is it then possible to get the username of the user? Can I then use the getRemoteUser() method? I need the username for a LDAP (ADS) Lookup for the groups the user belongs to. -- bye Stephan... >>Have a look at http://jcifs.samba.org/src/docs/ntlmhttpauth.html. >>Only works with MS Internet Explorer. [quoted text clipped - 7 lines] > -- > bye Stephan... Once the filter has got the authorisation, it can add the user id in the HTTP query before returning to the actual serlet invocation. Just read the use of the servlet filters. I do not have a good pointer here but google should do it for you! Frédéric Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.