Solaris 8
Java 1.4.2
Tomcat  4.0.6 (I know, I can't do anything about it yet)

I need to log someone in automatically to a local service (content
management server), and while I don't like the idea of doing so it is not my
decision to make so I'm trying to come up with the most secure
implementation as is possible (and practical).

The content management system will allow the administrator to create a
session for someone by proxy but you must first login as the content
management system administrator.  It just so happens that the content
management system user is the same as the tomcat user so the question
becomes can I, from within my class, get the login credentials of the tomcat
user?  I know I can get the name with System.getProperty but what about the
password?

Any other suggestions are welcome, I'm trying to avoid storing the password
for the content management system administrator on the filesystem.

-Mark